CONTINUING SECURITY CONCERNS AT LOS 
ALAMOS NATIONAL LABORATORY 


TUESDAY, JANUARY 30, 2007 

House of Representatives, 

Committee on Energy and Commerce, 
Subcommittee on Oversight and Investigations, 

Washington, DC. 

The subcommittee met, pursuant to call, at 10:00 a.m., in room 
2123, Rayburn House Office Building, Hon. Bart Stupak (chairman 
of the subcommittee) presiding. 

Present: Representatives Stupak, DeGette, Melancon, Green, Dingell
[ex officio], Whitfield, Walden, Burgess, Murphy, and Barton 
[ex officio]. 

Also present: Representatives Udall of New Mexico and Wilson 
of New Mexico. 

Staff present: John F. Sopko, Christopher Knauer, Voncille T. 
Hines, Rachel Bleshman, Peter Goodloe, Christopher Treanor, Jodi 
Seth, Alec Gerlach, Alan Slobodin, Dwight Cates, and Matthew 
Johnson. 

OPENING STATEMENT OF HON. BART STUPAK, A REPRESENT- 
ATIVE IN CONGRESS FROM THE STATE OF MICHIGAN 

Mr. Stupak. This meeting will come to order on the Energy and 
Commerce Committee, Subcommittee on Oversight and Investiga- 
tions. This hearing, which will be the first of the 110th Congress, 
is entitled Continuing Security Concerns at Los Alamos National 
Laboratory. 

We will begin with the Members’ opening statements. 

Los Alamos National Laboratory is a place of great history. It is 
home to many of our Nation’s most secret of weapons development, 
and yet it is also home to some embarrassing lax security protocols. 

During my 12 years on the Oversight and Investigations Sub- 
committee, I have sat through far too many hearings detailing 
problem after problem at Los Alamos. 

Now as I take over as chairman of this distinguished subcommit- 
tee, I find myself presiding over yet another hearing about inad- 
equate security at the lab. The latest security debacle begins in Oc- 
tober 2006 when Los Alamos County Police responded to a call at 
a private residence and discovered several hundred pages of classi- 
fied and unclassified materials as well as electronic files that were 
stolen from the Los Alamos National Laboratory. 

Documents were taken from the lab by a subcontract employee. 
The employee simply walked out of the lab with stolen documents 
in her purse or on a thumb drive which she easily inserted into 
open ports on classified computers. 

Over the last 8 years, this subcommittee has held 11 hearings 
into various security lapses at Los Alamos. I have this chart which 
I will enter into the official record illustrating 11 hearings that this 
committee has held. These hearings have ranged from the Wen Ho 
Lee case in 1999 to the removal of Classified Removable Electronic 
Media, CREM, in 2005 in the cyber security hearings we held in 
June 2006. 

Throughout these hearings, Members have heard time and again 
how the Department of Energy and the lab managers were going 
to improve security. We have heard excuse after excuse and plan 
after plan of how the lab would improve security. The DOE went 
so far as to competitively bid out the lab’s operation in the hope 
that a new management team would bring about change, security 
and accountability. 

But DOE awarded the contract to a consortium that includes the 
previous contractor, the University of California. With this brilliant 
decision, did anyone really expect the laissez faire culture of Los 
Alamos to change? 

As a result of our investigation, I have a number of questions 
that need to be answered today. How and why did the October se- 
curity breach occur? What is the potential and overall actual harm 
to national security as a result of the breach? Why do security 
breaches continue to plague Los Alamos? What plans do Los Ala- 
mos, DOE and the National Nuclear Security Administration have 
for preventing breaches at Los Alamos? Who is accountable for the 
most recent security breach at Los Alamos? What tools are available
to the Federal Government to hold Los Alamos accountable for 
the latest security breach? 

For example, new accountability rules allow DOE to penalize 
contractors and their subcontractors for violations of DOE rules, 
regulations and orders regarding the safeguarding of restricted 
data and other classified information. Based upon our staff’s investigation,
my real concern here is whether DOE is using these tools, 
or is it just giving contractors a slap on the wrist for egregious se- 
curity violations? Are the tools available for the Federal Govern- 
ment to adequately deter security breaches? This incident does 
raise serious questions about the manner and policies of the De- 
partment of Energy in granting the security clearances to employ- 
ees. This question, as well as many others, will of course have to 
be answered in closed session due to their sensitivity. 

During the last hearing in 2006, I became so fed up that I asked 
the question, “What do we do at Los Alamos that could not be done 
at our other National Laboratories?” I was serious when I asked 
that question back then, and I must tell you I have been asking 
myself the same question again in recent months. 

I am a former police officer, and in Michigan, we like to use auto 
analogies. For far too long we have essentially been issuing parking 
tickets to Los Alamos. In July 2004, we essentially put a boot on 
the lab when it was shut down for 7 months to clean up its act. 
This cost the American taxpayers more than $350 million and was 
supposed to result in a more secure facility. Unfortunately, there 
has been yet another breach not long after Los Alamos reopened. 
Los Alamos did not change after repeated tickets. It did not change 
after putting a boot on. And now, I am convinced that we may need 
just to tow the car. 

Something drastic must be done at Los Alamos in order to 
change the systemic security problems. The American people de- 
mand and deserve the highest level of protection of our national se- 
crets. If the Department and the lab won’t change, provide security 
at our labs, Congress must explore ways to protect our security. 
Therefore I will, in cooperation with my friends on the minority 
side, be asking the Government Accountability Office to perform a 
comprehensive audit of all services performed at Los Alamos. 

I will ask them to evaluate whether the footprint and mission at 
the lab is too large. 

I will also ask them to evaluate the possibility of consolidating 
and moving many of the classified operations at Los Alamos to an- 
other lab, such as Sandia where there is a willingness among the 
employees and management to heed our advice. I will not tolerate 
continued security lapses and thumbing of their nose at Congress. 

Finally, it is my understanding that Secretary Bodman has 
asked for additional reviews of Los Alamos’s security and that the 
reports of the review are due at the end of February. It is our ex- 
pectation that the Department will take these reviews seriously, 
provide concrete answers and submit detailed plans to remedy the 
security lapses. 

I fully expect Secretary Bodman will appear before this sub- 
committee to articulate what has and will be done to improve secu- 
rity at Los Alamos. 

In conclusion, I am pleased that the first hearing of the O&I 
Committee is truly a bipartisan effort by myself, the ranking mem- 
ber and our staffs. This is what I hope will be the first of many 
bipartisan efforts to make our country safer and our government 
more effective. 

Thoughtful and tough oversight is neither Republican nor Demo- 
cratic. It is just good government. I salute the former chairman and 
his staff for all their work in this inquiry. I look forward to continu- 
ing to work with him. 

The Constitution entrusted Congress with a solemn duty to over- 
see the activities of the executive branch. Oversight is the only way 
Congress can assure that our laws are adequately and properly ad- 
ministered. 

Without effective oversight, how can Members of Congress truly 
determine with confidence what additional laws are needed? As 
chairman of the subcommittee, I plan to be persistent in our over- 
sight responsibilities, fully realizing that Congress’s power to probe 
is a necessary tool of our democracy that is best wielded in a non- 
partisan manner. 

Again, I want to thank our former chairman, the gentleman from 
Kentucky. I look forward to working with all the members of the 
committee and the Subcommittee on Oversight and Investigations. 
With that, I would yield to Mr. Whitfield. 

OPENING STATEMENT OF HON. ED WHITFIELD, A REPRESENT- 
ATIVE IN CONGRESS FROM THE COMMONWEALTH OF KEN- 
TUCKY 

Mr. Whitfield. Mr. Chairman, thank you so much for holding 
this important hearing, and I certainly want to congratulate you on 
your new responsibilities as chairman of this subcommittee.

As you said, we have held several hearings to review ongoing se- 
curity problems at Los Alamos over the last 3 or 4 years. 

And as long as it is important that we continue to do so, I am 
delighted that we are continuing to hold these hearings. 

Prior investigations led by this subcommittee have uncovered the 
details of the 1999 Wen Ho Lee case, the 2000 NEST team hard 
drive incident, and several incidents in 2003 and 2004 relating to 
the improper handling and destruction of classified removable elec- 
tronic media, and then, in 2004, operations at Los Alamos were 
shut down for a 6-month period in an attempt to deal with many 
of these problems. 

At each subcommittee hearing, Los Alamos officials have prom- 
ised to solve ongoing security problems. 

But they have failed to follow through. 

I was pleased when the Department recently decided to compete 
the Los Alamos contract for the first time in over 60 years. 

In June 2006, a new consortium named Los Alamos National Security
began operations at its site. In its contract, LANS has made 
several commitments to solve the security problems at Los Alamos. 
Unfortunately for LANS, only 4 months passed before the most re- 
cent security incident occurred. In October 2006, it was discovered 
that 1,588 pages of classified documents from a classified vault had 
been removed in paper form and also downloaded on to a portable 
thumb drive. The documents and the thumb drive showed up in the 
trailer home of a former LANL employee. 

Now, 1,588 pages — I just want to show you, this is 1,588 pages. 
So it is really quite shocking that this is still going on in this mag- 
nitude. 

However unfortunate the time, LANS must be held accountable 
for compromising these documents, and it should pay a price. This 
incident demonstrates that the Department and LANS have failed 
to implement an effective security policy at Los Alamos. 

DOE must assert its contract and regulatory authorities to com- 
pel greater security performance. 

This most recent security incident demonstrates the same poor 
security management, lack of formality of operations, and insuffi- 
cient oversight that has plagued the lab for decades. I do not think 
the security problems at Los Alamos can be solved with small 
changes on the margin. 

Dramatic, new ideas from the Department, from LANS and from 
Congress, are needed. 

I have co-signed legislation drafted by Mr. Barton to strip NNSA 
of its autonomy with respect to safeguards and security, worker 
health and safety and cyber security oversight, and understand 
that Chairman Dingell and Chairman Stupak have also cospon- 
sored this important legislation. I would also note that we signed 
a co-letter last night along with Mr. Barton and Representative 
Hastert that asked the Department to take immediate steps to 
solve the security problems at Los Alamos. 

The letter has several recommendations and urges DOE to take 
action to reduce the volume of classified material across the labora- 
tory. At Los Alamos, operations are spread out over a 43-square 
mile area. The lab has approximately 15,000 employees, 3,000 clas- 
sified computers and 1,774 classified security areas. To give you 
some perspective, there are more classified security areas at Los 
Alamos than there are total rooms in the Rayburn, Cannon and 
Longworth House Office Buildings combined. 

And at this time, I would ask unanimous consent to introduce 
into the record the letter that we just referred to, that we had sent. 
Do they have a copy of it? 

Mr. Stupak. Without objection, it will be part of the record. 

Mr. Whitfield. LANL’s volume of classified holdings is unneces- 
sarily large, conducted in too many security areas and involves too 
many people. These factors, including the geographical dispersions 
of activities, make LANL susceptible to security failures. I hope 
this subcommittee can help identify the right solutions to fix this 
problem once and for all. Thank you. 

Mr. Stupak. I thank the gentleman from Kentucky. 

Next, the gentleman from Michigan, chairman of the full Energy 
and Commerce Committee, Mr. Dingell. 

OPENING STATEMENT OF HON. JOHN D. DINGELL, A REP- 
RESENTATIVE IN CONGRESS FROM THE STATE OF MICHI- 
GAN 

The Chairman. Mr. Chairman, first, thank you for recognizing 
me, and second, congratulations to you on your becoming chairman 
of this subcommittee. You will do an outstanding job. You have 
been a superb member of the committee and superb ranking mem- 
ber, and I am delighted to see you sitting where you are. 

I want to also say, express my good wishes to the gentleman, Mr. 
Whitfield, who was so gracious and kind in his conduct in this sub- 
committee. We look forward to working with him, as I know we all 
do. 

I feel a little bit like this is the movie “Groundhog Day”. All of 
us will remember that we seem to be waking up each morning to 
repeat the same events over and over with regard to security at the 
National Laboratories. 

As I recall, when the House turned in 1994, this subcommittee 
was preparing a set of hearings to go into the conduct of matters 
at DOE and how things were being done at that time with regard 
to the laboratories. 

There were all matters of difficulties, and I won’t belabor the 
matter or delay the process by talking about it. 

But the events there with regard to security, security breaches 
at Los Alamos and the other laboratories, were very serious. 

And so I am reminded of what Yogi Berra used to say, this is 
like deja vu all over again. I am somewhat distressed that this sub- 
committee must convene to hear about security breaches at the Na- 
tional Energy Labs, Los Alamos in particular. We could drag out 
stacks of letters sent to the Department Secretaries and the Presi- 
dents over the past two decades on the issue we are reviewing 
today. We could also display a small tower of hearing records, 
many of which I chaired, relating to security breakdowns at DOE 
and at the Los Alamos National Laboratory in specific. 

This would be good drama in a movie. These, however, are secu- 
rity breaches and are deadly serious. They threaten our security to 
guard our Nation’s military secrets, our nuclear secrets and other 
matters of importance. For some reason or another, DOE has prov- 
en itself incapable of managing this critical security and preventing 
recurring problems that we will discuss today. 

There is a new twist to this story, and I find it a worrisome de- 
velopment. Apparently, this latest security breach raises serious 
questions about DOE’s process and procedures in granting security 
clearances and the adjudication of adverse information dealing 
with the suitability of employees and contractors. 

This appears to be, in part at least, a new issue. And it should 
be the subject — as it is going to be — of an executive session which 
is going to take place later today. We may very well need to expand 
the investigation of this subcommittee into DOE’s personnel secu- 
rity system. 

Mr. Chairman, it is our joint concern that we will hear the same 
promises that we have heard in the past about how DOE will rem- 
edy the situation, how this lab is now going to take security mat- 
ters seriously and how the lab will be reorganized, how some offi- 
cers and officials and managers may be removed. 

I must confess that I have been hearing these promises for a long 
time, and I am beginning to find them somewhat tedious. The time 
has come to focus on the adequacy of the tools DOE possesses to 
effectively penalize the contractors and the lab for serious security 
failures, and whether DOE ever intends to use them or knows how 
to do so. There may be nothing in the Secretary’s toolbox effective 
enough to turn this lab around. We will need to determine that in 
today’s hearing and to find whether penalties are sufficient to effec- 
tively improve security at Los Alamos. 

I understand that Secretary Bodman, for whom I have consider- 
able affection, is considering yet another security review regarding 
Los Alamos specifically and the Department in general. I look for- 
ward to his appearance before this subcommittee in February to 
learn what he intends to do to fix this mess. I support requesting 
the Government Accountability Office to conduct a comprehensive 
audit of Los Alamos operations in order to determine what functions
need to be retained there versus being moved to another government
or private facility. 

It increasingly appears that the overall footprint of the lab may 
be too big in both physical scale and in the scope of its mission to 
be properly managed. 

At this point, all options should be open, on the table for consid- 
eration as to how we correct this intolerable situation. 

Again, Mr. Chairman, congratulations. Thank you for holding 
this hearing, and I look forward to hearing what will be said by 
our witnesses. But I hope you will forgive me, as I note in the case 
of Groundhog Day, we have seen all of this before. 

Thank you Mr. Chairman. 

Mr. Stupak. I thank the gentleman. 
Next turn to the distinguished former chairman of the full com- 
mittee, Mr. Barton of Texas. 

OPENING STATEMENT OF HON. JOE BARTON, A 
REPRESENTATIVE IN CONGRESS FROM THE STATE OF TEXAS 

Mr. Barton. Thank you, Mr. Chairman. I, too, want to congratu- 
late you on the assumption of your new duties as the subcommittee 
chairman of Oversight and Investigations. I consider this sub- 
committee to be the heart of the full Energy and Commerce Com- 
mittee. 

You are following in some big footsteps; in the prior Congress, 
Mr. Whitfield, but if you want to go back to when your party was 
last in the majority, the full committee chairman, Mr. Dingell, was 
also the subcommittee chairman, and this is where he gained his 
reputation for making sure that the ship of state was sailed 
straight. 

So, we are going to have a good relationship. 

I want to echo what Mr. Dingell just said, if there is nothing else 
to do on the Oversight and Investigation Subcommittee it seems 
you can also hold a hearing of security lapses at Los Alamos. 

I believe this is the 10th hearing in the last 4 years. I could be 
wrong about that. But I wouldn’t be off by much; 2004 the entire 
laboratory complex was shut down for 7 months; 2005, 1,500 
records — including Social Security numbers — some people hacked 
into the system, stole those numbers and the Administrator didn’t 
even bother to tell the Secretary of Energy about it. 

This last October, approximately 1,600 documents were stolen 
and carried out of the complex and, if my memory is correct, were 
found in a mobile home when the local police responded to a do- 
mestic disturbance. 

Enough is enough. 

This is not a fast food restaurant on the corner somewhere. This 
is the crown jewel of our weapons complex. 

I don’t have words to explain how frustrated I am, and I think 
my frustration is shared by every member of the committee. 

I am happy to report that last evening we introduced a biparti- 
san bill, Mr. Stupak and Mr. Dingell, original cosponsors, along 
with myself, Mr. Whitfield and Mr. Hastert, that strips the NNSA 
of its authority to manage some of these problems and gives it back 
to the Secretary of Energy to delegate as he sees fit. It is H.R. 703. 

And I hope that bill is given a hearing very quickly at sub- 
committee, or perhaps even at full committee and is moved to the 
floor. We need to do something about this problem. 

If there were a way to start over, I would say, shut down Los 
Alamos, fire everybody out there and build a new weapons labora- 
tory somewhere else. That is not cost-effective. And obviously, there 
are many, many good people at the laboratory. But there is an ab- 
solute inability or unwillingness to address the most routine secu- 
rity issues at this laboratory. 

I have sent a letter to the Secretary of Energy, Mr. Bodman, 
today making him aware of this new legislation. But I have also 
asked him to immediately consider doing the following things by 
his authority as the senior executive officer of the Department of 
Energy. I have asked that he consider directing the Office of 
Health Safety and Security to conduct an immediate inspection at 
Los Alamos and to repeat it next 2 years to report any problems 
and report any progress in security and worker safety. 

I have asked the Secretary to consider directing Los Alamos to 
dramatically reduce and consolidate the number of classified activi- 
ties, the number of classified computers, the number of classified 
vaults. They have got classified material strewn all around the 
complex. I have visited Los Alamos, seen for myself some of these 
sites where they store classified material. I am not an expert on 
security, but I consider the current number of sites to be many, 
many more than is absolutely necessary. And one simple solution 
to the problem would be just to reduce the number of places they 
keep this material. 

I also think that the current contractor at Los Alamos apparently 
doesn’t give a damn about this. And I hate to use that kind of lan- 
guage, but that is the way I feel. 

If it is contractually legal, I think part of their fee should be 
withheld, perhaps even forfeited. If the contract allows for civil 
penalties I would hope the Secretary would consider assessing 
those penalties. If you can’t get somebody’s attention any other 
way, sometimes you can get their attention by withholding finan- 
cial assets. 

So it is obvious that we are not going to solve this problem with 
one hearing, Mr. Chairman. But I do want to commend you for 
being willing in your first hearing of all the things you could do, 
to tackle this issue. It is a very serious issue. And I will pledge to 
you that the minority is going to continue to work on this problem. 
And now that you are the chairman and Mr. Dingell is a full com- 
mittee chairman, you will have our full cooperation in trying to get 
on the bottom of it and rectify the situation if it is possible. And 
if it is not, if after a year or year and a half, if it doesn’t look like 
any progress is being made, I do reserve the right to request that 
we consider shutting down this laboratory. 

If that is the only way to do it, and we have to start over, then 
so be it. 

But we ought to be able to get security right at Los Alamos. 

With that, I yield back. 

Mr. Stupak. I thank the gentleman, and we do anticipate at 
least one more hearing on this subject with Secretary Bodman 
probably in March. And with that, I would yield to the distin- 
guished vice chair of the full committee, Ms. DeGette of Colorado. 

OPENING STATEMENT OF HON. DIANA DEGETTE, A REPRESENTATIVE
IN CONGRESS FROM THE STATE OF COLORADO

Ms. DeGette. Thank you very much, Mr. Chairman. It is good 
to see you in that chair after all these years working with you on 
this subcommittee, which I consider to be the best subcommittee in 
the House. 

And I also want to add my congratulations to the new vice chair- 
man of the subcommittee, Mr. Melancon. He is going to have a 
great time. 

One thing that is so great about this subcommittee is, when we 
get mad, we get really mad in a bipartisan way. And I want to echo 
what former chairman Barton said, because I have been on this 
subcommittee during my 10 years in Congress, and you are exactly 
right, we have had about six to 10 hearings in the last few years 
alone on this subject. And we have been told repeatedly in every 
single hearing that this problem would be fixed. 

In 2004, then-Chairman Barton and I visited Los Alamos, and 
this was akin to a state visit for Los Alamos I guess. We went in; 
there was tremendous local interest. There was tremendous, tre- 
mendous effort to brief us and show us what was going on. The 
deputy secretary was there. The new director was there. Everybody 
was there. We toured the facility. We had some very tough con- 
versations. We were told that this situation was going to be fixed 
and that this situation was going to be fixed immediately. 

And subsequently, that director who was with us was drummed 
out, and nothing happened, as we have now seen. Mr. Dingell 
talked about Groundhog Day, and this week, in fact, is Groundhog 
Day, so it is appropriate that we are having these hearings this 
week, but it is not funny about these security breaches. The lab is 
home to some of the most confidential and important data in the 
Nation, weapons development, security of our nuclear stockpile, the 
development of technology to protect us from terrorist attacks. And 
it is not the first time either that we seem to be dependent on 
dumb luck to discover a breach of security. 

If it hadn’t been for the vigilance of police officers in investigat- 
ing unrelated drug charges, this classified data would still be sit- 
ting at the home of a former subcontractor for a yet to be discov- 
ered purpose. And so, really, the issue is so much broader than just 
this single incident. 

And as we will hear today, the Department of Energy’s Inspector 
General recently found that physical and cyber security at the lab 
have been consistently compromised. We keep saying to ourselves, 
why does this happen time after time, year after year? And we 
haul everybody in, and we rant and rave, and then it happens 
again. 

I think there are two problems. There is the oft discussed culture 
at Los Alamos where people really think themselves beyond the re- 
quirements of true security measures. But there is another prob- 
lem, and former chairman Barton alluded to this. It is such a large 
site and with so many different areas that contain this data, that 
it is very difficult to secure it. 

And in addition, when I visited, I found, 3 years ago, some of the 
security measures being implemented would be just routine secu- 
rity measures at a private facility, and so you have got to wonder, 
do these Government facilities think that they have to comply with 
lower standards than in private industry? So, really, I think the 
questions that former Chairman Barton and Chairman Stupak and 
Chairman Dingell are asking are the right questions. 

And I cannot stress enough to the witnesses today and to those 
who care about this facility, we are really serious and we are really 
serious this time, I think the legislation that was introduced is 
drastic, but that is the direction we are going to have to go unless 
we can get some clear answers of how we are going to fix this prob- 
lem. 

With that, Mr. Chairman, I yield back. 



Mr. Stupak. Before the gentle lady leaves, if we can do house- 
keeping. I notice there is a majority of the committee present, and 
we are going to have to take a vote to move into classified or execu- 
tive session later. We won’t do it — so before we continue, all those 
in favor of moving to an executive session later, please just raise 
your hand or indicate aye. 

Any opposition? Hearing none, at the appropriate time, we will 
move into executive session later in this hearing. With that, we will 
continue with the opening statements, next turning to Mr. Walden. 

OPENING STATEMENT OF HON. GREG WALDEN, A REPRESENTATIVE
IN CONGRESS FROM THE STATE OF OREGON 

Mr. Walden. Thank you, very much, Mr. Chairman, and I think 
people who have come before me have laid it out pretty clearly and 
forcefully. There are just few things as important to our Nation’s 
security as maintaining the security of our classified data in our 
National Labs. I think my colleagues have made that clear. You 
have heard it from me before in these hearings we have had in the 
past. The chairman said, these are the crown jewels of our weapons 
systems. And I guess what strikes me is, we have got employees 
who still are walking out the front door with the diamonds out of 
the crown jewel set. And that is a problem. That is a very serious 
problem and one that this subcommittee has railed on before in 
public and in private sessions, perhaps even more so than what 
people are hearing in the public session. There are some fundamen- 
tal questions that we will have for all of you today that will come 
in both sessions, including access to these computers once again, 
how is that controlled, how does somebody walk out with a thumb 
drive? I understand you are now using a product like this, J-B 
Weld, the world’s finest cold weld, to actually seal up the USB and 
FireWire ports so that somebody can’t use one of these thumb de- 
vices. 

It is great. It works for engine blocks, and it works for faucets, 
and I guess it works to plug leaks in our national security system, 
too, but why do we even order computers that have those ports in 
them? It would seem to me that Government could work out a con- 
tract to get a computer that doesn’t have them. I am glad you now 
sealed up 7,200 of these ports or whatever the actual count is. Per- 
haps we will learn later today. But it strikes me as a bit strange 
that we are relying on J-B Welds to protect leaks of our national 
security. 

With that, Mr. Chairman, I will yield back. 

Mr. Stupak. I thank the gentleman. Next, I turn to the vice 
chair of the subcommittee, Mr. Melancon. 

Mr. Melancon. Thank you, Mr. Chairman. I don’t have any 
written statements. I would like to move as quickly as we can into 
testimony. 

Being new on the committee and just picking up the gist of what 
has been said about Los Alamos, and in looking at the concerns 
that we have about nuclear proliferation around the world, and we 
are not even protecting our own, it seems so. With that, I’d just like 
to thank you for allowing me to be part of the committee and the 
ranking member and the members of the committee. Thank you. 

Mr. Stupak. Thank the gentleman. 
Next, I turn to Mr. Burgess, Dr. Burgess. 

OPENING STATEMENT OF HON. MICHAEL C. BURGESS, A 
REPRESENTATIVE IN CONGRESS FROM THE STATE OF TEXAS 

Mr. Burgess. Thank you, Chairman Stupak and Ranking Member
Whitfield for continuing this committee’s important oversight 
over Los Alamos. Chairman Stupak, I appreciate the bipartisan na- 
ture of this hearing, and I hope it is a sign of how you will handle 
hearings in the months to come. You and your staff are to be com- 
mended for your preparation and your willingness to share rel- 
evant information with members across the aisle. 

Mr. Chairman, it is my sincere hope that we have your commit- 
ment to continue this collegial and bipartisan disposition through- 
out all the hearings of this congress. And I would also like to take 
a minute and thank Ranking Member Whitfield for his investiga- 
tion of Los Alamos throughout the years. Clearly, today’s hearing 
builds upon the hard work and the determination that you and 
your staff have displayed on this crucial matter of national secu- 
rity. I thank you for your leadership on this important issue. 

Today we have three panels before us that will hopefully be able 
to explain to us not only what exactly happened in October but also 
what has been done to prevent another recurrence. I welcome you 
all here today and hope we can get to the bottom of this continuing 
problem at Los Alamos once and for all. I would especially like to 
welcome my fellow Texan, Deputy Secretary Clay Sell. Thank you 
for being here with us today and sharing your valuable insight into 
the Department of Energy. 

In the post-9/11 world in which we live today, our national secu- 
rity has become the most important issue facing our Nation. We 
must do everything within our power to ensure that we do not be- 
come the victims of terrorism again. As terrorists become more and 
more sophisticated, we must continue to implement and maintain 
comprehensive measures to secure our safety. While we often think 
of terrorists of being from foreign lands, it is easily plausible that 
people living on American soil can compromise our country’s na- 
tional security interests. The fact that someone can walk out of an 
institution that developed the atomic bomb with a disk full of clas- 
sified information is deeply disturbing. This is absolutely indefensi- 
ble. 

Los Alamos has some of the smartest minds, people of almost im- 
measurable brilliance, working on the facility, and the reoccurrence 
of so many security breaches is simply inexcusable. I was taught 
that people should be held accountable for their actions. While 
there are many organizational changes that can be made to better 
ensure the security of our country’s classified information, one of 
the easiest and most effective remedies is to make the contractor 
in charge of security pay a steep penalty. As a steward of the
taxpayer dollar, I fully support this idea. If the contractor is penalized,
millions upon millions of dollars maybe, then they will finally real- 
ize how serious the problem is and that it must be stopped. 

While there is clearly an institutional problem at Los Alamos, we 
must also remember that there are thousands, 15,000, hardworking 
employees at the lab who make a remarkable contribution to 
science in this country on a daily basis. I had the pleasure — the
honor of visiting the lab in July 2005, and I met many of those
hardworking and dedicated men and women. I was impressed by 
their dedication. I was impressed by the overall intellect of the in- 
dividuals involved. 

In preparation for this hearing, I came across a posting on a well 
known blog of Los Alamos employees. The posting was addressed 
to members of this committee and ended with this thought: “Don’t 
give up on us just yet. Please be careful with your words. Direct 
them at those who are truly at fault and avoid belittling comments 
directed against the whole workforce and against the vital work 
that we can do to help this country. And one more thing, yes, you 
do need Los Alamos — a well functioning Los Alamos”. 

I completely agree with this employee. The country needs a well 
functioning Los Alamos. And that is why we are here today, to pro- 
tect what is a national treasure. 

And I would oppose any diminution of that mission or relocation 
of the resources, but oversight is our obligation. 

Mr. Chairman, I have several questions that I hope we will get 
answered, and one of those questions deals with the RFP process 
that the lab went through just a little over a year ago. Was it a 
fair process? Was the University and the contractor that was not 
selected, were they given a fair shake? Were they given a fair 
chance to compete for that contract? 

It seems as if the embedded culture at Los Alamos is incapable 
of change. Perhaps that is reason enough that we should reopen 
the RFP process. 

Mr. Chairman, I again thank you for the bipartisan hearing in 
which we can further address this troubling issue and what needs 
to be accomplished with this dismal and depressing cycle of secu- 
rity breaches at Los Alamos. 

And I feel it is important that we continue to work on this prob- 
lem so that we do not risk the welfare of our Nation and succeed- 
ing generations who will either benefit from our decisions or inherit 
the failings of our security lapses. With that, I will yield back. 

Mr. Stupak. I thank the gentleman. 

The gentleman from Texas, Mr. Green. 

Mr. Green. Thank you, Mr. Chairman, and I am glad to be back 
on the subcommittee although following our chairman, when it is 
his deja vu, I have been off this subcommittee for I think three 
terms, and it seems like we ended and that last term with Los Ala- 
mos obviously back then much more serious allegations than we 
have today. 

But, Mr. Chairman, I have a statement I would like to place into 
the record and express the same frustration I think everyone has 
heard on a bipartisan basis, but I would like for us to get moving 
and see what we can do. But also I am thankful that we have local 
law enforcement who were sharp enough to pick that up, but hope- 
fully we can stop it before it actually leaves the lab. With that I 
will submit my statement for the record and yield back. 

[The prepared statement of Mr. Green follows:]

Prepared Statement of Hon. Gene Green, a Representative in Congress from
the State of Texas

Mr. Chairman, I am privileged to be back on the Oversight Subcommittee, but 
it looks like not a whole lot has changed, we are still looking into security problems 
at Los Alamos. 

Everyone up here and all our witnesses are upset, but I do not think anyone has 
made the point that since our intelligence overseas has not been as good as it could 
be, we cannot afford nuclear security mistakes here at home. 

The risk of international nuclear proliferation is bad enough with Iran and North 
Korea without having to worry about risks in our own backyard. 

Some members of this committee criticized the previous administration for secu- 
rity lapses that occurred in the years after the cold war and rightfully so. 

But now, more than 5 years after 9/11, this administration has still not resolved 
many of the same issues. It looks like 9/11 led to increased security everywhere but 
Los Alamos. 

The National Nuclear Security Administration imposed millions in financial pen- 
alties against the University of California for problems at Los Alamos in past years, 
and the new contractor could be liable for even larger penalties. 

I notice that we have some new faces in charge, and some former officials are pur- 
suing other opportunities. I certainly hope the changes are noticed on the ground 
as well. 

However, I have to say I am somewhat bothered by much of the testimony here 
today. 

The testimony contains lots of findings from internal investigations and a great 
deal of new and updated directives and procedures. 

We’ve heard this same song about security breaches before-with similar findings 
of root causes and similar new procedures. In fact, DOE and Los Alamos just keep 
re-releasing the same album. 

Instead of more studies and procedures, I think the problem may be a lack of ac- 
tual leadership and people who will implement the procedures in a coherent way. 

So I hope our new faces here are not just interested in more studies, more
investigations, and more new sets of rules.

Instead I hope they and their managers get out there and work with the sub- 
contractors, security personnel, scientists, and employees and change the situation 
on the ground. 

Hopefully Congress does not have to remind the administration that several coun- 
tries opposed to the United States are currently seeking nuclear weapons. 

We need to keep our technologies out of these nations’ hands and we need to be
dead serious about it. 

Thank you, Mr. Chairman, and I yield back.

Mr. Stupak. Without objection, and welcome the gentleman back 
to this subcommittee. 

Mr. Murphy from Pennsylvania, any opening statement? 

OPENING STATEMENT OF HON. TIM MURPHY, A REPRESENTA- 
TIVE IN CONGRESS FROM THE COMMONWEALTH OF PENN- 
SYLVANIA 

Mr. Murphy. Thank you, Mr. Chairman, and it is a pleasure to 
be joining you on this committee. Mr. Chairman we are about to 
hear about these appalling violations and blatant disregard to na- 
tional security safeguards at Los Alamos National Laboratory, and 
they warrant intense scrutiny of this facility. The unauthorized re- 
moval of any classified materials is, of course, a grave matter. But 
the frequency at which classified materials seem to be removed at 
Los Alamos National Laboratory indicates a careless attitude to- 
wards our national security and deserves the intense scrutiny of 
this committee. 

One such display of this disregard for national security occurred 
in 2005, as referenced by the members here, when the former
administrator of the National Nuclear Security Administration Linton
Brooks — for 9 months, Administrator Brooks refused to report
computer hackers’ theft of 1,500 Social Security numbers and personal
information of employees of the NNSA. Another instance, in Octo- 
ber 2006, we know police found a flash drive and hundreds of pages 
of classified documents at the home of a former subcontractor, the 
content of which is so classified it can’t be released to the public, 
but nonetheless it raises our concerns deeply. 

For the sake of our national security, we must determine how 
they were removed and take immediate steps to prevent this from 
occurring in the future. We need to prevent breaches through bet- 
ter security systems on computers and hardware, to thoroughly 
screen everyone, especially contractors at Los Alamos, to fully in- 
spect those materials that come in and out of the facility, and to 
prosecute to the fullest extent of the law and give stern penalties 
for those who breach that security. 

As our society is growing more dependent on technology, we have 
seen a disturbing trend in the theft or loss of personal information 
from Government agencies, such as the VA and large corporations, 
that at times are used for malicious intent. 

What has been the consequence of the theft of this material and 
who is responsible for their loss or misuse? We need answers to 
these questions, and we need ideas on how to prevent this in the 
future. 

Misuse of personal information must have consequences. For ex- 
ample, in the 109th Congress, I introduced the SERVE Act which 
would physically secure all sensitive personal information and all 
equipment containing such information processed and maintained 
by the Department of Veterans’ Affairs. But I also would have also 
required the VA and its contractors to encrypt sensitive personal 
information. The SERVE Act also imposed criminal penalties for 
unauthorized disclosure of sensitive personal information. 

But we are here not to address just one or two of these problems 
but to find a way to address a chronic failure to follow national se- 
curity procedures in guarding classified materials. I look forward to 
this hearing, and I yield back. 

Mr. Stupak. I thank the gentleman. We should note that Mr. 
Udall is here. He is not a member of the committee, but Los Ala- 
mos is in his district. He is very concerned about it and has always 
been a strong advocate for Los Alamos. You can see the concerns 
of members, Tom, but welcome, and I look forward. 

Mr. Udall. Thank you and a pleasure to join you today, Mr. 
Chairman. Thank you. 

Mr. Stupak. We are in recess until noon so we should be able 
to get hopefully most of this hearing in. It is the policy of the sub- 
committee to take all testimony under oath. 

Please be advised that witnesses have the rights under the Rules 
of the House of Representatives to be advised by counsel during 
their testimony. 

Do you desire to be advised by counsel at this time? If so, please 
introduce your counsel. Seeing no reaction, I advise, we do swear 
in witnesses. Would you please rise and raise your right hand? 

[Witnesses sworn.] 

Mr. Stupak. Let the record state an affirmative response of
the witnesses. Witnesses are now under oath. You have 5 minutes
for an opening statement. Witnesses may, at the discretion of the
committee, submit brief and pertinent sworn statements for inclusion
in the hearing record.

Let me now start with Mr. Friedman please. 

TESTIMONY OF GREGORY H. FRIEDMAN, INSPECTOR 
GENERAL, U.S. DEPARTMENT OF ENERGY 

Mr. Friedman. Mr. Chairman and members of the subcommittee, 
I am pleased to be here at your request to testify on the Office of 
Inspector General’s review of the recent compromise of classified 
data at the Department of Energy Los Alamos National Labora- 
tory. Los Alamos, as has been stated earlier today, has been at the 
forefront of our Nation’s security related research and development 
enterprise for over 60 years. There have been a number of highly
publicized incidences that have cast doubt on the laboratory’s abil- 
ity to protect national security. 

The Office of Inspector General has performed numerous audits, 
inspections and investigations of physical and cyber security related
issues at the laboratory.

Our reviews have covered diverse areas such as the implementation
of design bases threat, safeguards over classified material and
property and security of information systems. I have been asked to 
testify before this subcommittee and other congressional panels on 
several occasions regarding management of security interest issues 
at Los Alamos. 

No doubt the subcommittee is fully aware of the circumstances 
surrounding the recent seizure of classified information from a
residence by the Los Alamos county police department. Shortly after
the material was seized, Secretary Bodman requested that the
Office of Inspector General begin a review of the compromise of
classified data.

The Secretary also asked that we evaluate certain aspects of the 
Department’s security clearance process, the results of which can 
be discussed in closed session.

Our special inquiry disclosed that, despite the expenditure of 
tens of millions of dollars by the National Nuclear Security Admin- 
istration to upgrade various components of the laboratory security 
apparatus, the security environment was inadequate. 

Specifically, our special inquiry revealed that, first, certain com- 
puter ports which could have been used inappropriately to migrate 
information from classified systems to unclassified devices and 
computers had not been disabled. 

Second, classified computer racks were not locked. 

Third, certain individuals were inappropriately granted access to 
classified computers and equipment to which they were not enti- 
tled. 

Fourth, computers and peripherals that could have been used to 
compromise network security were introduced into a classified com- 
puting environment without approval, and finally critical security 
functions had not been adequately separated, essentially permit- 
ting systems administrators to supervise themselves when it came 
to security and to override controls. 

In many instances, laboratory management and staff had not de- 
veloped policies necessary to protect classified information, had not 
enforced existing safeguards or had not provided the emphasis
necessary to ensure protective measures were adequate. Some of the
security policies were conflicting or applied inconsistently. Also,
both laboratory and Federal officials were not as aggressive as they
should have been in conducting security reviews and inspections.
Our findings raised concerns about the laboratory’s ability to
protect both classified and sensitive information.

The picture before you right now depicts the rack of classified
computers at Los Alamos from which the diverted classified
information originated. As you can see, the rack that held the
computers was unlocked, a condition that permitted access and
exploitation of the open ports. And I know you all are familiar — this is
a thumb drive similar to the one which in fact was used to divert 
the material from the laboratory. This is a 1 gigabyte thumb drive, 
and this can contain the equivalent of two file cabinets full of infor- 
mation to show you how powerful this little item is. 

Any diversion of classified material creates a potentially serious
national security situation. The full extent of the damage related
to the removal of classified information in this case may never be
fully known. A criminal investigation of this matter by the FBI 
continues. 

We made a number of recommendations to correct identified defi- 
ciencies. 

For example, we recommended the Department take immediate 
action to disable unneeded computer ports, secure classified
computer racks, segregate critical security functions and limit
classified computer access and privileges to those who specifically
require it.

In response to our report, Secretary Bodman established two
high-level task forces to address our findings, and Deputy
Secretary Sell directed an immediate review of policies and practices
related to computer ports in each of the Department’s facilities. 

The subcommittee requested that we identify other actions that 
could improve security at the laboratory. In short, we concluded 
that the Department should first establish an up-to-date, unified, 
coherent, risk-based security policy that flows throughout all ele- 
ments of the Department. It is essential this policy be applied con- 
sistently and that all aspects of security, physical, cyber and per- 
sonnel be integrated to ensure a seamless system. 

Second, the Department should aggressively hold individuals and 
institutions at both the Federal and contractor levels accountable 
for failure to follow established security policies. Penalties should 
include meaningful reductions in contractor fees, personnel re- 
assignments and terminations, civil penalties, program redirection 
and ultimately — should it be needed — contract termination. 

One final note, one of the most disturbing aspects of this event 
is the fact that it was not discovered by the laboratory but by local 
police during an offsite investigation unrelated to laboratory
activities. Without this inadvertent discovery, the diversion of classified
material may never have been disclosed. And in that light, the
Department and Los Alamos need to strengthen efforts to proactively
detect and prevent security breakdowns. This might include, for
instance, first improving the level of monitoring of classified
computer use through the application of specialized software which is
currently available; two, enhancing computer activity logging; and
three, initiating a program of unannounced security checks beyond
routine inspections. 

Admittedly there is a cost involved with such undertakings, but 
it is a cost that may be necessary given the pattern of security 
issues that we have seen at the laboratory. 

Mr. Chairman, this concludes my statement. I would be pleased 
to answer any questions that you may have. 

[The prepared statement of Mr. Friedman appears at the
conclusion of the hearing.] 

Mr. Stupak. Thank you, Mr. Friedman, and I should have prop- 
erly introduced you as the Inspector General for the Department 
of Energy. I appreciate your work. 

Mr. Podonsky is the chief health safety and security officer at the 
U.S. Department of Energy. 

Mr. Podonsky, your opening statement please. 

TESTIMONY OF GLENN PODONSKY, CHIEF HEALTH, SAFETY,
AND SECURITY OFFICER, OFFICE OF HEALTH, SAFETY, AND
SECURITY, U.S. DEPARTMENT OF ENERGY

Mr. Podonsky. Thank you, Mr. Chairman, and Mr. Whitfield, 
and members of the subcommittee, I appreciate the opportunity to 
testify today regarding the improper removal of classified informa- 
tion from the Los Alamos National Laboratory. 

At the time of this incident, when it was discovered, our Office 
of Independent Oversight was conducting scheduled inspections at 
the laboratory’s security, cyber security and emergency manage- 
ment programs. 

As we heard from my colleague, Mr. Friedman, his office con- 
ducted the inquiry into the circumstances surrounding the incident. 

Therefore, I will focus my remarks on our inspection of the lab- 
oratory in terms appropriate for this unclassified hearing. Our 
independent oversight inspection just completed resulted in the 
lowest set of performance ratings for security and emergency man- 
agement topics that we have seen at Los Alamos since 1999. 

That, combined with the history of security problems at Los Ala- 
mos, is of great concern to everyone. 

However, these ratings should not lead this committee to
conclude that the laboratory is not protecting their most important
national security asset. This inspection concluded that special nuclear
material, an area with historically significant weakness, is ade- 
quately protected. 

Additionally, the ratings in part reflect the fact that our inde- 
pendent oversight inspection process has become more technically 
enhanced and increasingly focused on performance-protection-based 
activities, especially in the area of cyber security and protection of 
classified matter. 

We note some improvements. However, we continue to conclude 
that extensive work remains to ensure that Los Alamos fully meets 
Department’s expectations. While special nuclear materials were 
adequately protected and overall performance of the protective 
force was considered effective, we identified a number of significant 
problems with the protection of classified documents and materials 
and with the configuration of vault-type rooms. It was evident that 
the site is overly dependent on the use of nonstandard storage
configurations for the protection of many of its classified weapons
parts. Compensatory measures, established to support approval of 
the nonstandard storage configurations, were found to be inconsist- 
ent and not performing according to plans. 

The overall impact of the deficiencies related to the protection of 
classified matter is substantial. 

Also, while some cyber security enhancements have been made, 
the laboratory’s cyber security policies are not comprehensive and 
not up-to-date with DOE and NNSA requirements, and they do not 
sufficiently address threats posed by emerging technologies. 

Additionally, risk management processes are insufficient, result- 
ing in risk acceptance decisions being made by lower staff mem- 
bers, which is inappropriate. 

In many cases, the protection of classified systems is overly de- 
pendent on administrator controls to mitigate potential insider ac- 
tivity rather than more robust controls and barriers. As a result, 
Los Alamos National Laboratory systems continue to operate at in- 
creased risk from malicious insiders intent on subverting estab- 
lished departmental requirements. 

Another area of concern is the certification and accreditation of 
both classified and unclassified information systems. The Los Ala- 
mos certification and accreditation process has not kept up with 
current methodologies, and existing processes do not ensure a con- 
sistent approach for applying testing necessary security controls. 
For example over 25,000 existing unclassified work stations in 
service at Los Alamos were not certified and accredited. Self as- 
sessment processes are weak, and very few systems actually are 
being tested as part of these assessments. 

Moreover, deficiencies identified during self-assessments are not 
always reported to the Los Alamos site office or NNSA, and devel- 
opment of corrective action plans to address them seems to be op- 
tional. Consequently, there is little in-depth understanding of pro- 
gram weaknesses. Considering the progress made to date balanced 
against the cyber security issues that remain, we conclude that 
strong and aggressive management action is required. 

There does need to be sound new laboratory plans for conducting 
self-assessments and implementing a contractor performance as- 
surance program as part of the contract transition. However, the 
plans are not yet fully implemented. 

In addition, the laboratory does not have an effective process for 
identifying actions for identified deficiencies. Similarly, the NNSA 
site office security survey program is inadequate. In a few cases, 
the laboratory has decided not to comply with departmental re- 
quirements, and the laboratory and NNSA did not utilize the De- 
partment’s mandated deviation process to fully assess and accept 
risks associated with these decisions. 

The recent inspection results illustrate some improvement. How- 
ever, the most important national security asset at Los Alamos 
must be recognized to be protected, and that is the special nuclear 
material. 

Nevertheless, significant and disturbing protection and emer- 
gency management program deficiencies continue to exist at Los 
Alamos that require prompt attention, forceful and sustained
management actions, and corrective actions to be followed.

We have heard all too often from a long line of DOE managers
how serious LANL issues are and changes are needed. However,
Mr. Chairman, it is my professional opinion that no one now or 
previously in the Department has had the commitment, the dedica- 
tion, and absolute resolve to change the way this department is 
managed and the way this laboratory is managed than Secretary 
Bodman and Deputy Secretary Sell. It is imperative that the NNSA 
and the Los Alamos site office in particular follow the leadership 
of the Secretary and the Deputy Secretary and must immediately 
enhance NNSA capabilities to effectively oversee the contractor 
performance now and in the future. 

Mr. Chairman, one other note, in the course of this hearing, 
there may be privacy issues that arise, and I would like just to rec- 
ognize that Eric Fygi from General Counsel is here and represent- 
ing the Department. 

[The prepared statement of Mr. Podonsky appears at the conclu- 
sion of the hearing.] 

Mr. Stupak. Thank you. 

Before we move to our next witness, we should note that Con- 
gresswoman Heather Wilson from New Mexico is a member of the 
full committee, but not on the subcommittee, but we welcome her 
participation here today. Thank you. 

With that, we will next hear from Ms. Danielle Brian, executive 
director of Project on Government Oversight. 

Ms. Brian. 

TESTIMONY OF DANIELLE BRIAN, EXECUTIVE DIRECTOR, 
PROJECT ON GOVERNMENT OVERSIGHT 

Ms. Brian. Thank you for inviting me to testify today. 

I am Danielle Brian, executive director of the Project on Govern- 
ment Oversight. We have been investigating and exposing security 
failures in the nuclear weapons complex since 2001. 

Despite the creation of NNSA, security failures have continued 
to plague the complex, especially at Los Alamos. Now NNSA Ad- 
ministrator Linton Brooks has been asked to resign, and our Na- 
tion’s secrets have been mishandled by Los Alamos again. Not only 
have NNSA and U.C. failed to correct security issues, but now 
there will be even less oversight of Los Alamos as a new pilot pro- 
gram has been implemented at Los Alamos in which oversight has 
been handed over to the contractor themselves. Perhaps this new 
legislation that Congressman Barton has introduced could help 
turn the tide on this disregard for Federal oversight. 

Since 2001, there have been at least seven instances in which 
classified information was mishandled at Los Alamos, and I suspect 
there were many others that have simply flown below the radar. 
Classified computer disks have gone missing. Computers that may 
have contained classified information have somehow disappeared 
from lab property, either having been stolen or lost. Classified in- 
formation has been transmitted through unsecured e-mail, and the 
list goes on. 

The cybersecurity episode has occurred on average nearly once a 
year since POGO began its investigations, and all of these in- 
stances occurred after the infamous episode of the two missing 
hard drives which were later discovered behind the Xerox machine.

Now, in the recent incident, a subcontractor employee freely took
over 200 pages of hard-copy, classified documents and over 400 
classified documents on flash drives to her home, which she shared 
with a drug dealer. This could only have happened if there were 
a complete collapse of multiple supervisory and security systems. 
It was only by happenstance that she was caught, not because an 
effective security system was in place. We would never have known 
about the security breach if it hadn’t been for a domestic disturb- 
ance. 

Furthermore, we have no way of knowing how many other in- 
stances like this there are out there that we don’t know about. It 
is important to remember that NNSA attempted to keep this inci- 
dent secret from Congress and the public until POGO learned 
about it 8 days after the local police raid. 

After the most recent security incident, a cybersecurity audit was 
launched, and according to a lab e-mail from just a few days ago 
that I asked to be submitted for the record, quote, “As a result of 
the preliminary findings of the cybersecurity audit” — this is just a 
week and a half ago — “LANL has agreed to suspend all non- 
essential classified, computing activities for at least the next 48 
hours by the close of business today.” 

And this is not the first time security failures have significantly 
impacted operations at the lab. In 2000, then-Secretary Bill Rich- 
ardson announced a new system so that there would no longer be 
classified, removable electronic media to be lost or stolen. The labs 
essentially ignored the order. In May 2004, then-Secretary Abra- 
ham announced that the complex was going to have a new system 
doing essentially the same thing. Again, the labs essentially ig- 
nored the order. I suspect Secretary Bodman will soon be announc- 
ing a new initiative to solve cybersecurity problems, and I am sure 
he is genuine in his beliefs that his directives will fix the problems, 
but those of us who have been around for a while have reason to 
be skeptical. 

In addition to cybersecurity failures, Los Alamos continues to 
suffer from a litany of other problems, and while Los Alamos is a 
big problem, it is by no means the only problem in the nuclear 
weapons complex as other sites are also currently facing their 
share of serious problems. 

Despite these other sites that urgently need attention, Los Ala- 
mos does stick out as the bad child. Why? There is a joke around 
the complex that goes something like this: The Secretary of Energy 
tells the three national labs to jump. Sandia asks, how high? Liver- 
more makes an excuse for why it is too busy to jump, and Los Ala- 
mos asks who the Secretary of Energy is. 

Los Alamos sticks out as the bad child because of its consistent 
and utter disregard for Federal oversight. At this rate, as was men- 
tioned before, we can all schedule next year’s hearing right now 
given the likelihood we will still be discussing problems at Los Ala- 
mos unless the entire incentive system is reversed. 

I have enumerated in my written testimony a number of specific 
recommendations, but in the interest of time, to highlight them, 
first is that NNSA, or perhaps simply the Department of Energy, 
needs to make it a priority to fund oversight and promote Federal 
employees who are thorough in their oversight work. In its current 
state, the Los Alamos site office is nonfunctional. There are over 
20 vacant Federal positions in that office. 

Officials should also be held accountable if they do not imple- 
ment the recommendations made by the two gentlemen who are 
sitting at the witness table, the Department of Energy’s Inspector 
General and the Office of Health, Safety, and Security. As we have 
mentioned before, there are numerous reports that have been 
issued on these issues, but no one gets in trouble when they don’t 
do anything about what these people have recommended. 

The Performance Incentive Fee in the Los Alamos contract 
should be recalculated and equally weighted to reflect the equal im- 
portance of accomplishing the mission with ensuring security and 
doing so safely. Of the $51 million that is currently on the table 
for fiscal year 2007 in the performance fee for the Los Alamos 
budget, only 6 percent, or $3 million of that amount, is tied to secu- 
rity. Fortunately, that small percent is not set in stone and should 
certainly be revisited and dramatically increased. At the very least, 
DOE should cut the Performance Incentive Fee for the most secu- 
rity — for the most recent security debacle at Los Alamos. 

DOE should also be disallowing costs — this is a cost-reimburs- 
able contract, so they should be disallowing costs with Los Alamos’ 
as failure to perform adequately. 

POGO also recommends that the “at will” employment provision 
at Los Alamos be changed for their employees because currently, 
if an employee is the bearer of bad news to management, the em- 
ployee can be fired at will, creating exactly the wrong incentives. 
This is an important issue for the committee to be conscious of as 
it is of particular concern for Livermore employees who are not cur- 
rently operating under this condition, but, as you see, appears to 
be poised to retain the contract at Livermore. There is, in fact, con- 
cern that this will now affect or be affected for the Livermore em- 
ployees as well. 

I am thrilled that the committee has already undertaken our 
next recommendation to audit the missions currently being con- 
ducted at Los Alamos. I think that’s a very important effort the 
committee is undertaking. 

In closing, DOE will soon be submitting a request of $150 billion 
to fund a wildly ambitious project to revamp the nuclear weapons 
complex known as Complex 2030. Before any funding for further 
expansion is approved, I respectfully suggest that Congress must 
have confidence in the mission and in the ability of the complex to 
carry out that mission safely and securely. 

Thank you. 

[The prepared statement of Ms. Brian appears at the conclusion 
of the hearing.] 

Mr. Stupak. Thank you. 

We will begin questioning. 

Mr. Friedman, your investigation of the recent incident at Los 
Alamos revealed the lab security framework was seriously flawed. 

For example, is it true that a number of key areas, including se- 
curity policy, was nonexistent, applied inconsistently or not fol- 
lowed? 

Mr. Friedman. That is correct, Mr. Chairman. 

Mr. Stupak. In 2004, the lab was shut down when we did this 
massive review. Wasn’t that one of the recommendations in 2004? 

Mr. Friedman. It was, and actually you could trace it back to 
1999, in essence. 

Mr. Stupak. Then what is it? Why are we having such problems 
with Los Alamos? As Ms. Brian says, Secretary Richardson gave an 
order. Secretary Abraham, now Secretary Bodman, and we have 
been reassured by Mr. Podonsky that things are going to change. 
For instance, in 1999 — that’s, what, 8 years now — there have been 
11, 12 hearings. Any answers? 

Mr. Friedman. Well, I use — I thought the ultimate question 
would come a little bit later. I didn’t expect it on the third ques- 
tion, Mr. Chairman. 

Mr. Stupak. I’ve only got 8 more years to mess around, but we 
don’t with this lab. 

Mr. Friedman. Of course, it is an issue that we have thought 
about a great deal. We devote a lot of resources to Los Alamos, and 
you and I have had this discussion before, obviously. 

I think one of the problems that we’ve found consistently is the 
question of sustainability, Mr. Chairman, if I can put it that way, 
use that term. There are a lot of good intentions. People start off 
with the right set of principles. They have new policies, new proce- 
dures that they begin to implement, and the implementation be- 
gins, but there is not the stay with it, the closing the deal, the sus- 
tainability that is necessary to go from a good idea to implementa- 
tion, to execution, and to consistency, and I tend to think that’s one 
of the fundamental problems that we have seen at Los Alamos over 
time. I said there are good starting principles, but no follow- 
through, a lack of follow-through. 

Mr. Stupak. There is a lack of follow-through because of turn- 
over in personnel, or we lose interest in the principles that we are 
supposed to put forth? 

Mr. Friedman. I think it’s the latter rather than the former. Cer- 
tainly there is a turnover in personnel, but I don’t think — my sense 
is that is not the heart of the problem. 

Mr. Stupak. Well, in your recently released report on Los Ala- 
mos, in doing your work your team uncovered a number of much 
broader concerns than merely the concerns related to the October 
incident. Let me read from your report, and I am quoting now. 

It says, “Our review revealed a serious breakdown in core labora- 
tory security controls,” and your report reached the conclusion, and 
it states, “In short, your findings raise serious concerns about the 
laboratory’s ability to protect both classified and sensitive informa- 
tion systems.” 

I presume you still stand by that report and that conclusion? 

Mr. Friedman. Yes. Yes, we do. 

Mr. Stupak. There has been a lot of talk this morning about 
maybe we should just change the focus of this lab, or some of the 
missions must be shifted to other labs like Sandia. It is a very, 
very large complex. 

Your thoughts on that suggestion. 

Mr. Friedman. Well, I am not here, Mr. Chairman, as a shill for 
the laboratory, but as a number of members of the subcommittee 
have identified this morning, it is an extraordinary institution. 
Sixty-three percent of the people there or thereabouts have postgraduate 
degrees. They’re eminent scientists. Last year lab personnel 
won, I believe, five R&D 100 awards. There are 28 E.O. Lawrence 
Award winners there. 

It is an extraordinary institution, and I caution, if I might, that 
before we do anything truly radical — and I understand the motiva- 
tion and where it’s coming from — that we make sure we balance so 
that we don’t throw out the baby with the bath water, if I can put 
it that way. So I hope that we give the new contractor — I mean, 
after all, this took place 2 months ago. When we last spoke, Mr. 
Stupak, we agreed that the new contractor was coming on board, 
and they deserved an opportunity to turn the situation around. 
This series of events occurred within 2 months or 3 months after 
they took over. They identified a number of preconditions — pre- 
existing conditions that concerned them before they assumed re- 
sponsibility, and cybersecurity was one of those preconditions. 

I am hopeful that we can give them a chance, with increased 
Federal intervention and oversight, to do what they were hired to 
do, which was to enhance dramatically the management of the lab- 
oratory, including better security and better cybersecurity specifi- 
cally. 

So I understand, at some point down the road, a more dramatic, 
a more radical departure may be warranted conceivably, but at this 
point I hope we give them the benefit of the doubt, at least for a 
period of time, recognizing that the problem that we face here is 
a very, very serious national security problem. 

Mr. Stupak. Sure, but if it wasn’t for the Los Alamos County Po- 
lice Department, we would not even know about this incident. How 
many other breaches are out there that we do not know about be- 
cause there has been no mechanism in place to detect it, or even 
if it was detected, from your testimony, no one at the lab seems to 
want to follow up on it? 

Mr. Friedman. I said in my testimony that one of the most 
frightening parts of this whole incident is that, had it not been for 
an inadvertent set of circumstances totally unrelated to this issue, 
we might not have known about it today. We might never have 
known about it, and that is a frightening thought. And we have 
identified a couple of suggestions of a more intense activity logging 
at the laboratory and monitorship with new software that can be 
costly, but may be necessary to make sure that other breaches, 
other similar breaches, are not occurring. Prevention is the key, in 
my view. 

Mr. Stupak. OK. My time is up. Hopefully we will go around for 
a second round. 

Next let me turn to the ranking member, Mr. Whitfield from 
Kentucky. 

Mr. Whitfield. Thank you very much, Mr. Chairman, and I 
thank the witnesses for their testimony this morning. 

All three of you have extensive experience in this area, and the 
consensus appears to be that Los Alamos is sort of, for lack of a 
better term, the problem child. All of these weapons labs have had 
some problems, but the Los Alamos problems seem to be more seri- 
ous and certainly more frequent. And I know that the University 
of California does manage the Lawrence Livermore — has the contract 
for that, and for 60-some years had the contract at Los Alamos 
and now is a 50-percent participant in the new consortium. 

That’s correct, isn’t it? 

Mr. Friedman. That is roughly correct, yes. 

Mr. Whitfield. OK. Now, just from your personal experience, 
how would you explain if you were talking to a Rotary Club in 
Hopkinsville, KY, what your theory is as to why Los Alamos has 
so many breaches when you have had, for many years, the same 
management contract responsibility at both Los Alamos and Liver- 
more? 

I would like to ask each one of you to just give me your impres- 
sions as to why that is the case. 

Mr. Friedman. Well, I don’t, Mr. Whitfield, have a good answer 
for that question. I mean, it is an extremely important question, 
and despite spending years at looking at all of the laboratories, I 
don’t have a good answer. I wish I did. I think it would get to the 
heart of the cure. 

But what I would say is that Los Alamos is slightly different. I 
think Livermore — and I might be wrong about this — is essentially 
located on 1 square mile of territory. Sandia is larger, but I think 
none of them have the diversity, the geographic diversity, if noth- 
ing else, and that may be a contributing factor to the problem. I 
mean, as we have pointed out in the testimony, and as has been 
discussed earlier, we found, I believe, 2,700 classified computing 
environments. We have long taken the position that closing, reduc- 
ing the footprint is the way to go, and it may well be that the num- 
ber of classified computing environments, the number of classified 
materials that are there in sheer numbers, may be part of the 
problem. 

Mr. Whitfield. What about you, Mr. Podonsky? What would be 
your thought? 

Mr. Podonsky. Well, sir, to put it in context, we’ve been inspect- 
ing independently the operations of this lab as well as the entire 
complex now since 1984, and our observations and continuing 
issues that have developed is the lack of accountability, which is 
why I say in my opening testimony and why the committee here 
all talks about the preceding managers that have come up and 
make the statements about, now we did it, now we are serious, 
which is why I made a very poignant statement that I do believe 
that Secretary Bodman and Deputy Secretary Sell not only are as 
committed as previously, but they are taking action. I have been 
through a number of previous Secretaries through all of these 
incidences and come up with great plans, but they don’t get con- 
verted into action. 

Mr. Whitfield. OK. 

Mr. Podonsky. So, specifically to your question, sir, I would say 
that it’s accountability and holding people responsible for the jobs 
that they have out there, and we have not seen that consistently 
at Los Alamos through the years and at some other places, but pre- 
dominantly at Los Alamos. 

Mr. Whitfield. Can I assume that you and Mr. Sell and Mr. 
Bodman are supporting the Barton-Dingell-Stupak-Whitfield legislation 
to remove NNSA from the equation? 

Mr. Podonsky. I can’t speak for the Secretary or for the Deputy 
Secretary. I can only speak for myself, and I have not seen that 
correspondence. 

Mr. Whitfield. OK. 

Ms. Brian, what about the question? 

Ms. Brian. I have been struggling with this question for a while 
myself. I think it is a combination, as I mentioned in the joke that 
goes around, that there is a different attitude at Los Alamos, and 
I think because of that different attitude, they are more difficult at 
the Federal level to manage. And I think the bottom line is when 
you get the push-back from Los Alamos, and the Federal structure 
is not there, really, with the willingness to stick with them and de- 
mand change, I think that is where there is really the breakdown 
that I think we can be enforcing on. 

Mr. Whitfield. OK. 

Mr. Podonsky, let me ask a question. In 2004, Los Alamos was 
closed down for 6 months because of security breaches. What was 
the dollar amount of the penalty that the University of California 
system had to pay at that time for that breach? 

Mr. Podonsky. I am not aware of what the penalty was, sir. 

Mr. Whitfield. Who would know that? 

Mr. Podonsky. I believe the next panel — or the third panel 
would. 

Mr. Whitfield. OK. 

Mr. Barton. Would the gentleman yield on that? 

Mr. Whitfield. Yes, sir. 

Mr. Barton. Was there any penalty? 

Mr. Podonsky. Mr. Barton, I’m not aware of any penalty that 
was associated with this shutdown. 

Mr. Barton. So there was zero penalty then? 

Mr. Stupak. If the gentleman would yield, it cost the taxpayers 
$350 million. Who paid for that other than the taxpayers? Are we 
back with the same problems? 

Mr. Whitfield. My time has expired. 

Mr. Stupak. I thank the gentleman. 

Mr. Dingell, questions? We are doing 5 minutes now, and we’ll 
go another round. 

The Chairman. Mr. Chairman, thank you for the courtesy. 

I find this again, as I indicated, sort of a Groundhog Day or per- 
haps deja vu all over again. 

Mr. Podonsky and Mr. Friedman, I would like to summarize 
some of the key findings of your recent work at Los Alamos. 

Mr. Friedman, isn’t it correct that your team went out to inves- 
tigate the event, and that you, in fact, spent a relatively short pe- 
riod of time on the ground, yet in that short period you found a lot 
of serious problems at the site? Is that correct? 

Mr. Friedman. That’s correct, Mr. Chairman. 

The Chairman. Mr. Friedman, in fact, didn’t your investigation 
of the recent incident reveal that in a number of key areas that se- 
curity plans and policies were either applied inconsistently or not 
followed in some cases or, in others, nonexistent? 

Mr. Friedman. That is correct. 

The Chairman. Mr. Friedman, isn’t it true that your audit re- 
vealed that the critical cybersecurity internal controls and safeguards 
were not functioning as intended at various places across 
the LANL? 

Mr. Friedman. Yes, sir. 

The Chairman. Now, Mr. Friedman, isn’t it also correct that 
monitoring by both the laboratory and Federal officials was also 
found to be inadequate or, in other cases, nonexistent? 

Mr. Friedman. It was. 

The Chairman. Isn’t it correct also, Mr. Friedman, that even 
though the network engineering officials and others within the 
lab’s Chief of Information Office expressed concerns about open 
ports and problems with managing tamper-indicating devices, and 
these concerns were largely ignored by LANL officials? 

Mr. Friedman. Yes. And can I elaborate on my answer on that 
one, Mr. Chairman? 

The Chairman. Now, Mr. Podonsky, I believe your testimony also 
says that Los Alamos received the lowest set of performance rat- 
ings for security and emergency management since 1999; is that 
correct? 

Mr. Podonsky. Yes, sir. 

The Chairman. Now, Mr. Friedman and Mr. Podonsky, both of 
you know that I’ve been working at this security problem for more 
than a little while. 

Mr. Podonsky, you indicated Los Alamos received some of the 
lowest scores since 1999 on security issues. 

Mr. Friedman, your report found that there was a core break- 
down of Los Alamos’ ability to protect classified information. 

That’s correct, is it not, gentlemen? 

Mr. Friedman. Yes. 

Mr. Podonsky. Yes, sir. 

The Chairman. Would you like to tell us what is going on here? 
And we are going to ask the Secretary why we need to keep on 
having these hearings. 

What comments do you have, gentlemen? 

Mr. Friedman. Well, I think your series of questions, Mr. Chair- 
man, from my perspective, basically outline — as you say, we have 
been on the ground for a relatively short period of time, although 
we have a resident staff at Los Alamos who spend a lot of time 
there, but to say that the system we found in place was inadequate 
to protect the material is an accurate reflection of what we found. 

The Chairman. Mr. Podonsky, are you going to comment? 

Mr. Podonsky. Yes, sir. I do not disagree with your statements. 
The only thing I would like to again point out to the committee is 
that, when our inspection team was at the site, we again did deter- 
mine that the nuclear material was protected, and that’s not insig- 
nificant. That is something, Mr. Chairman, as you’ll recall back in 
the 1980’s we paid a lot of attention to. That doesn’t make it a good 
story, because the classified matter is something of grave concern 
to all of us, and as my colleague Mr. Friedman has talked about, 
we do believe that Los Alamos has a mission to perform for the 
country, but the security performance that they’ve demonstrated 
inspection after inspection continues to leave us concerned and baf- 
fled. 

The Chairman. Now, I would like to direct this to the panel, but 
with particular emphasis to Danielle Brian. 

A statement here says this, 

Now, in the most recent incident, a subcontractor employee freely took over 200 
pages of hard-copy, classified documents and over 400 classified documents on flash 
drives to her home, which she shared with a drug dealer. This could only have hap- 
pened if there was a complete collapse of multiple supervisory and security systems. 
It is only by happenstance that she was caught, not because of an effective security 
system in place. We never know — we would never have known about this security 
breach if it hadn’t been for a domestic disturbance. 

Then she goes on to say this, 

Furthermore, we have no way of knowing how many other incidences like this are 
out there or have flown below the radar. It is important to remember that NNSA 
attempted to keep this incident secret from Congress and the public until POGO 
learned about it about — learned about it 8 days after a local police raid. 

Then here, as a side note, 

If media reports and statements by investigators are accurate, this most recent 
case points to extraordinary failures in the personnel security clearance process in 
addition to cybersecurity failures at the lab. 

Now, my concern here is we seem to have a situation where the 
process has broken down, whether there just is a lack of will or 
there isn’t a competence on the part of the agency to do what needs 
to be done. Would you each like to tell us what your feelings are 
on this matter? 

Could I just ask for 1 minute more, Mr. Chairman, please? 

Mr. Stupak. Without objection. 

The Chairman. What do you have to say, ladies and gentlemen? 

Ms. Brian. Well, that is what I had to say. 

I think the problem here is a combination of extraordinary break- 
downs. Maybe the systems aren’t even there, and it’s not a case of 
broken systems, but I am also equally concerned that at the time 
this was becoming known at Los Alamos, there was a real effort 
to make sure that people in the Congress didn’t know about it. 
They were hoping they would make this go away. 

The Chairman. Thank you. 

Mr. Podonsky and Mr. Friedman. 

Mr. Podonsky. We did not investigate the actual circumstances. 
As I said in my testimony, Mr. Friedman did the investigation. We 
were there doing a comprehensive safeguard security inspection 
which gave us an overall, comprehensive review of the various top- 
ics, but we did see clearly the laboratory suffering from a lack of 
policies, procedures, adequate management, adequate oversight — 
both contractor and Federal — and all of that would contribute, we 
believe, to the incident that the Inspector General investigated. 

The Chairman. Thank you. 

Mr. Friedman. 

Mr. Friedman. Mr. Chairman, you made a point in your earlier 
questioning that I wanted to comment on which I think would re- 
spond to this question as well. 

You pointed out, which was a good read of our report if I may 
say so, that we found that, I think it was in the March 2006 time 
frame, there was e-mail communication, within the laboratory 
about the concern about open ports. So, in other words, the institu- 
tion itself identified that as a problem, and there was a fair 
amount of traffic, e-mail traffic, on that issue. 

And it gets to the point that I was trying to make earlier about 
closing the deal, sustainability and the ultimate fix, and that is 
that, tragically, even though it was discussed extensively — and I 
think it was in March 2006, and I don’t have that instant recall. 
I think that’s the right date — no one took it to the next step, which 
is to make sure that the proper fix was implemented to address the 
concern. Now, it was not of universal concern. There were people 
at the laboratory who didn’t think the open ports were a serious 
problem, but there were enough people who did, and it would seem 
to me — and I think this is, perhaps, revealing as to the essence of 
the problem — that they didn’t address the problem then and re- 
solve it. 

The Chairman. Your comments earlier in response to a question 
were that we ought to give the laboratory the benefit of the doubt. 
I wonder if, after this commentary, you are in agreement that we 
ought to give them the benefit of the doubt. 

Mr. Friedman. Well, I think I’m the one who said it, Mr. Chair- 
man, so I will stand by the statement. 

First of all, I think the laboratory is an extraordinary institution, 
and second, I think that in fairness — and believe me, I am not 
here — I probably write more critical reports about Los Alamos than 
anyone, but in fairness, I think the new contractor is really brand 
new, was brand new when this occurred, and they deserve an op- 
portunity to try to fix the problem, and if they can’t fix the prob- 
lem, I’d be the first one to sit before you and tell you that a much 
more radical solution needs to be tried. 

The Chairman. Thank you, Mr. Chairman. 

Mr. Stupak. Next, Mr. Barton from Texas. 

Mr. Barton. Thank you. Some of the statements just kind of 
strain credulity. 

Mr. Friedman, who was the old contractor? 

Mr. Friedman. The University of California. 

Mr. Barton. Who is the new contractor? 

Mr. Friedman. I think it’s a consortium. I believe it’s a lim- 
ited — 

Mr. Barton. Come on. Who is the new contractor? It is the Uni- 
versity of California. They’ve got a consortium, and there may be 
some different players, but the University of California has had 
this contract for 60 years. They were the old contractor; they are 
the new contractor; is that not correct? 

Mr. Friedman. Well, I 

Mr. Barton. Yes or no? 

Mr. Friedman. No, actually. 

Mr. Barton. It’s not? 

Mr. Friedman. No. 

Mr. Barton. They are not part of it? 

Mr. Friedman. They are the primary science player, there is no 
question about that, but the whole concept, as I understand it 

Mr. Barton. They have 50 percent of the contract. 

Mr. Friedman. That’s true, but it 

Mr. Barton. The person who has been moved to the new — who 
is the new lab director is a University of California employee. 

Mr. Friedman. That is correct. 

Mr. Barton. The Bechtel individual, who is the top person, has 
already left; is that correct? 

Mr. Friedman. That is correct, yes. 

Mr. Barton. Now at least be honest with the committee. 

Mr. Friedman. Well, I have tried to be honest, Mr. Chairman. 

Mr. Barton. This semantics about old and new is an affront at 
least to me. My gosh. Is it not true that under the new contract 
the performance part of it is at risk if there is a security lapse? 

Mr. Friedman. Well, let me give you the read of the contract as 
I understand it, Mr. Barton, and there are people at least on the 
third panel who are the negotiators of the contract who can give 
you more detail. 

In its full bloom, my understanding is there’s about a $70 mil- 
lion-a-year potential award fee, 30 percent of which, as I under- 
stand it, is 

Mr. Barton. It is $73,280,000 to be exact. 

Mr. Friedman. As I understand it, 30 percent of it is fixed, and 
70 percent is at risk. That’s the way I understand the formulation 
of the contract. I believe there also is a provision — and I’m not an 
expert on the contract. There are people here who are. I believe 
there are provisions that, in extraordinary circumstances, at least 
the entire at-risk portion can be withheld from the contract. 

Mr. Barton. Is it not true that, in your testimony, you suggested 
that there’d be a serious withholding of the incentive part of the 
contract? 

Mr. Friedman. Yes, sir, I did. 

Mr. Barton. Do you want to put a number on that? How serious 
is “serious”? The safeguard and security execution part of the mis- 
sion success is $3 million. 

Mr. Friedman. Yes. 

Mr. Barton. Is that serious, or do you think “serious” would be 
$10 million? 

Mr. Friedman. No, I think it may be $3.8 million, Mr. Chairman, 
but I don’t think that’s serious money. 

Mr. Barton. Mr. Stupak is the chairman. I am the ranking 
member. 

Mr. Friedman. Mr. Ranking Member then. I apologize. 

Mr. Barton. I’m just at a loss here. 

I’m going to ask Mr. Podonsky something. 

The gentle lady next to you indicated that the contractor at the 
site office has 20 vacancies. Is that your understanding? 

Mr. Podonsky. I do not know the exact number, but, yes, I do 
know that they are short. 

Mr. Barton. What is the number — what would be the full com- 
plement? Is it like 40 people at the site office, 100 people? 

Mr. Podonsky. Mr. Barton, I do not have that number. That 
would be — the NNSA would have that number, but I would just tell 
you that I do know that they’re short on qualified Federal staff. 

Mr. Barton. OK. 

Ms. Brian, do you know how many people would be the full com- 
plement if they were fully manned at the site office? 

Ms. Brian. I don’t know. I do know that of the 20 vacancies, a 
large percentage of them are in the security and safety area for the 
site office. 

Mr. Barton. Does that, to you, indicate that the Department is 
serious and the new contractor is serious about this? 

Ms. Brian. Well, that’s actually the Federal Government. 

Mr. Barton. I understand that. 

Ms. Brian. So my worry is that DOE isn’t serious or NNSA. 

Mr. Barton. OK. Could we get that information, what the total 
staffing is and what these vacancies are? 

Mr. Podonsky, do you think that we ought to fill those slots? 

Mr. Podonsky. Yes, sir. I think that they need to be filled with 
the right qualified people because this laboratory needs appropriate 
Federal oversight from the NNSA. 

Mr. Barton. My time has expired, Mr. Stupak. 

Mr. Stupak. I thank the gentleman. 

Ms. DeGette. 

Ms. DeGette. Thank you very much, Mr. Chairman. 

Mr. Friedman, I wanted to ask you some questions about what 
you had said in response to several of the other Members’ ques- 
tions. 

The first thing is you said that we really need to give this new 
contractor a chance, and that we need to — if we need to do some- 
thing dramatic, we should do it down the road. So I’m kind of won- 
dering how long is that road, because I’ve been sitting here in this 
subcommittee since 1999 hearing these assurances. I understand 
what you’re saying about the quality of people that we have there 
and the high-level work that’s going on, but how much longer do 
you think we need to be patient? How much longer do we need to 
give these folks to fix these problems? 

Mr. Friedman. Well, my view is, from the start date, it should 
be probably 1 year. 

Ms. DeGette. One year from June? So until this June? 

Mr. Friedman. This June, yes. 

Ms. DeGette. And do you think that — and my second question 
is how will we know if the new contractors have fixed the problem? 
Will we know that if the local law enforcement authorities bust 
some people or if the local newspapers have an expose? How are 
we going to know if the problem’s been fixed? 

Mr. Friedman. Well, with 12,000 people there, you may never 
know for sure. I understand that, but I think in the next 6 months’ 
time what will be devoted by the Department is an intensive exam- 
ination of all aspects of the function of the lab to make sure that 
the problems have been addressed. 

Ms. DeGette. Well, do you think we haven’t had that intensive 
examination in the many past times that we’ve worked on this? 

Mr. Friedman. I do not think we’ve had that intensive examina- 
tion. 

Ms. DeGette. That’s just appalling to me because they closed 
down the lab after we visited in 2004, and you don’t think they did 
that intensive examination? 

Mr. Friedman. Well, I think they did an intensive examination, 
but the point I’ve been trying to make is that, once they did the 
intensive examination, did they sustain an aggressive program to 
address the problems that were identified, and that’s the concern 
that I’m expressing today. 

Ms. DeGette. Do you have some specific recommendations as to 
what the Department can do to do this intensive examination with- 
in the next 6 months? 

Mr. Friedman. Yes. 

Ms. DeGette. Would you mind supplementing your responses by 
delineating those specific things that the Department can do? 

Mr. Friedman. Certainly. 

Ms. DeGette. Thank you. 

Ms. Brian, what is your view about all of this that we should 
give some time for the Department to clean this up, and then it’ll 
be fixed? 

Ms. Brian. I respectfully disagree with Mr. Friedman. 

I think that the first thing is that the DOE needs to get its house 
in order and NNSA, and then I think the contractor will ultimately 
follow in line. I just think that the Government hasn’t been doing 
its end of the job. 

Ms. DeGette. And what do you think the Government can do? 

Ms. Brian. I think we need to have sincere — well, one of the 
things that I think is really important is that a lot of these issues, 
as I discussed in my written testimony, are infuriatingly familiar. 

Ms. DeGette. Right. 

Ms. Brian. We’ve known about these problems before. We’ve had 
IG and various iterations of Mr. Podonsky’s office make rec- 
ommendations, and nothing has — no one has required the people at 
NNSA to actually implement these recommendations. We’ve had 
Secretaries — in fact, the issues that — I think it was Mr. Walden 
who was raising them with the glue sticks. Those were the kinds 
of things that were supposed to have been dealt with back with 
Secretary Richardson 

Ms. DeGette. Right. 

Ms. Brian [continuing]. And they’ve been buying new computers 
for the last 10 years with the USB ports because, as I learned, the 
people who were in charge of buying the computers at Los Alamos 
weren’t really talking to the cybersecurity people to realize that 
they didn’t want to have computers with USB ports. 

Ms. DeGette. Mr. Podonsky, do you have a view on that? Do you 
think this problem can be fixed in 6 months without any substan- 
tial changes? 

Mr. Podonsky. No. We do believe that there needs to be substan- 
tial changes, and we do believe that this Secretary and the Deputy 
Secretary are moving towards that direction. They’re not just prom- 
issory notes of the past. We’ve seen actions taken that we have 
never seen in 25 years of this Department where people were actu- 
ally held accountable. 

You do need to have performance measures that the contractor’s 
held accountable against. We also have an enforcement function 
within the office that we also need to employ. 

So there are a lot of — a lot of tools for the Department to exercise 
now and get on with fixing the laboratory together with fixing the 
NNSA and the policy of the Department. 

Ms. DeGette. Do you think, Mr. Friedman, that the physical 
size of Los Alamos is a problem? 

Mr. Friedman. Yes, I think it’s a challenge. 

Ms. DeGette. And what can we do to deal with that challenge,
do you think? 

Mr. Friedman. Well, first of all, we can make a concerted effort 
to consolidate functions, reduce the number of vaults, reduce the 
number of classified computing environments. I don’t know how 
practical that is. I think it’s something that we need to look at very 
carefully. 

Ms. DeGette. Thank you. 

Mr. Friedman. Second, I think we need to enclose the footprint 
so that the security perimeter is reduced so physical security will 
be — will be somewhat easier. 

Ms. DeGette. Mr. Chairman, I think a good time for a follow- 
up hearing — I mean, we should have some interim ones, but we 
also need to have one in June to mark the 1-year anniversary and 
see how they fixed all these problems. 

Mr. Stupak. Mr. Burgess, questions? 

Mr. Burgess. Thank you, Mr. Chairman. 

Mr. Podonsky, we have been through — I have been through at 
least 2 years of these travails, and it seems like every security inci- 
dent that has been reviewed has been by an employee who has re- 
ceived a security clearance; is that correct? 

Mr. Podonsky. My recollection is that predominantly cleared in- 
dividuals have been violating DOE’s requirements. 

Mr. Burgess. Was that the case in this most recent event in Oc- 
tober? 

Mr. Podonsky. I believe so. 

Mr. Burgess. OK. And the individual who claimed assault at the 
bar a couple of years ago, was that also an individual who had 
been cleared? 

Mr. Podonsky. I believe that is the case. 

Mr. Burgess. Is there a problem with how we’re granting clear- 
ances to — how NNSA is granting security clearances? 

Mr. Podonsky. The personnel security process is one of — the 
task force that the Secretary initiated at the beginning of this 
event after Mr. Friedman’s report was to look at personnel secu- 
rity, specifically at the case in question as well as DOE-wide. Con- 
currently there was a review that had begun by Deputy Secretary 
Sell in May of last year where we were looking at personnel secu- 
rity processes. 

So the short answer is, yes, we do believe that personnel security 
processes within the Department and, in fact, the entire executive 
branch which are being looked at by the OMB right now are something
that we need to get on with, and that’s what we’re doing, and
we’re going to be making recommendations to the Secretary and 
the Deputy Secretary at the end of February of what to do with the 
personnel security program within the Department of Energy. 

Mr. Burgess. Will that include any type of program that looks 
at cleared individuals in an ongoing fashion? 

When I was there in July 2005, it was right after the credit card 
abuses came to light, and it appeared, as I recall, that those were 
cleared individuals who had then subsequently developed either do- 
mestic problems or substance abuse problems that led them to mis- 
use the credit cards, and you can just imagine that other things 
may have happened also as a result. 

So will there be an ongoing evaluation?

Mr. Podonsky. The recommendations that, I believe, are coming
out of the task force will be covering both from the beginning of 
hiring all the way through current employees so that we have an 
ongoing review of people holding clearances. 

Mr. Burgess. Inspector Friedman, do you think, in retrospect — 
I reference the RFP process that the lab just went through. Chair- 
man Barton also referenced the contractor. Do you think that was 
an open and fair process? 

Mr. Friedman. Frankly, Dr. Burgess, I have no information that 
it was not. Unfortunately, there were two proposals, as I under- 
stand it, in the final field, but I have no reason to believe it was 
not open and fair. I have no information to that effect. 

Mr. Burgess. Would that be in the purview of the Inspector Gen- 
eral’s Office to know that, or is that outside your capabilities? 

Mr. Friedman. No, it’s not outside our capabilities, and, by the 
way, if there had been concerns by proposers that were not consid- 
ered, it would not be unusual for us to get complaints about that, 
and to the best of my recollection, and I could be wrong about this, 
I don’t think we received any complaints along those lines. 

Mr. Burgess. And yet some of just the traffic from the bloggers 
on line — and I realize that that carries its own inherent dangers, 
but there is some question as to whether or not the current con- 
tractor was, in fact, the best one and is the best one going forward. 

Again, I don’t know whether it’s the purview of this committee 
to investigate that process, but, Mr. Chairman, I for one certainly 
wonder if we oughtn’t to look at that. 

Ranking Member Barton asked about the fines. The amount of 
money levied so far against the current contractor, do we have a 
dollar figure on that? 

Mr. Friedman. Are you referring that question to me? 

Mr. Burgess. Yes, sir. 

Mr. Friedman. I do not have a number on that, no. 

Mr. Burgess. Is there a way to — for anyone, is there a way to 
get that dollar figure on the fines levied against the contractor? 

Mr. Friedman. Well, respectfully, the third panel, I think, in- 
cludes people who would have that information. 

Mr. Burgess. Does the contractor recognize the amount of dol- 
lars that they are putting at risk? 

Mr. Friedman. I suspect they know the contract intimately. 

Mr. Burgess. OK. 

Mr. Friedman, just to finish up, your statement said the criminal 
investigation into the matter last fall is ongoing and may yet reveal 
additional security problems. 

In an open session can you expand on that statement? 

Mr. Friedman. Well, simply, the FBI has been conducting a 
criminal investigation from the get-go, and the purpose of that 
statement in my testimony — and I think it’s in our report as well 
if I’m not mistaken — is that until their investigation is complete, 
we don’t know what will turn up. There may be more. 

Mr. Burgess. What would be a reasonable time frame for this 
committee to expect that that investigation will take? 

Mr. Friedman. That’s within the purview of the FBI, sir, and I 
have no idea. 

Mr. Burgess. Mr. Chairman, will we be privy to that report
when the Department of Justice completes that? 

Mr. Stupak. That’s a good question. We’ll double check on it. I 
don’t see why not, but let’s double check first. 

Mr. Burgess. All right. My time has expired. 

Mr. Stupak. The gentleman from Louisiana Mr. Melancon. 

Mr. Melancon. Thank you, Mr. Chairman. 

I guess, Mr. Friedman, one of the first things when you look at — 
and I understand there’s a problem with the drug use, apparently, 
with this one particular breach, but apparently there’s some addi- 
tional problems out there within. 

Does the staff or the security people require or do the random 
drug sampling, the urine test, at all on the employees, or is it 
“you’re hired”? 

Mr. Friedman. I’m in open session. Part of your question I think 
I can address, but part of it I would prefer not to address. 

My understanding is — and, again, there are people who are on 
the third panel who can address the issue of the current policy. My 
understanding is that they have implemented a random drug test 
for all Los Alamos employees, but I may be wrong about that, and 
you’ll need to ask the third panel, sir. 

Mr. Melancon. And have you just done that just recently? 

Mr. Friedman. Fairly recently, yes. 

Mr. Melancon. With the time that’s transpired with the issue 
of security breaches and you’ve replaced the chain of command, the 
latest chain of command replacement took place when, how long 
ago? 

Mr. Friedman. June 1. 

Mr. Melancon. June 1 of last year? 

Mr. Friedman. Correct. 

Mr. Melancon. And that was subsequent of the close-down for 
7 months in 2004? 

Mr. Friedman. Well, the contract changed hands on or about 
June 1, 2006, and, yes, it was subsequent to the 2004 shutdown. 

Mr. Melancon. OK. So somewhere between 2004 and last year, 
which was 2006, how was the lab run? Who was in charge? 

Mr. Friedman. The University of California was the prime con- 
tractor. 

Mr. Melancon. And the on-site security? 

Mr. Friedman. They ultimately were responsible for the on-site 
security. 

Mr. Melancon. Who did they subcontract out for the security? 
I don’t think the University of California is a security company. 

Mr. Friedman. Well, they are at some locations, interestingly 
enough, and I forget the name of the contractor, to be honest with 
you; the subcontractor, I should say. 

Mr. Melancon. The diversity of the science — and this is, of 
course, somewhat new to me — that’s out there or the regimens that 
you have out there of the different scientists, is there some way — 
and I think maybe you spoke to it earlier. Is there some way to iso- 
late these and provide better security on each sector rather than 
just have these — and I haven’t been to the facility — 12,000 people 
just coming and going wherever they want to go? 

Mr. Friedman. Well, there are a number of secure areas at the
facility, and it’s worthwhile going to see it. It’s quite impressive. So 
I wouldn’t say there are 12,000 people running back and forth at 
will. It’s much more systematic and controlled than that. I’m not 
sure if there’s a practical way of doing it by discipline, but I haven’t 
thought that through, I can’t give you a good answer. 

Mr. Melancon. Yes, I’d like to go and see it. The only view I’ve 
had of it was from across the valley at a friend’s house at night 
with the lights, so getting in there and looking at it, I guess, close- 
hand would do me a whole lot of good. 

I listened to the frustration of Ranking Member Barton and 
Chairman Stupak and others who have been here and gone 
through this for a period of time, and I guess to — we’re to June. 

Why did it take so long from the 7-month shutdown — and that’s 
another year, year and a half — before we got the new contract in, 
and now we’re waiting a year to see if we’re going to get — what’s 
the problems with moving this thing quicker? I mean, I know the 
numbers are big, but 

Mr. Friedman. Well, yes. I’m not sure I can give you the precise 
timeline, but in the general sense, the recompetition of this con- 
tract was a very turbulent issue. It was a very costly issue. It was 
a very labor-intensive issue, and it was a time — a time issue as 
well. It takes a long time to prepare the RFP, to address, hopefully, 
the issues that have been resident at Los Alamos for 64 years, and 
to go to the street, give people time to propose, to evaluate the pro- 
posals, and to move forward. 

So I don’t know if that answers your question, but it is a very 
time-consuming task. 

Mr. Melancon. I’m from south Louisiana. I’ve seen inside base- 
ball, and they’re getting plagued down in recovery efforts, so I 
think I can understand some of it. 

Thank you. I have no more questions. 

Mr. Stupak. Mr. Murphy. 

Mr. Murphy. Thank you, Mr. Chairman. 

Mr. Friedman, do we have information yet on what was the mo- 
tive for this theft? 

Mr. Friedman. Mr. Murphy, it would be inappropriate — first of
all, I don’t know the answer to the question. It perhaps resides 
with the FBI, but at this point I don’t know. 

Mr. Murphy. Do we know yet — and I guess I would open this to 
all of you — what, if anything, was — I know there was also talk 
about printers being bought and things like that — about to what 
extent things were copied, distributed and sold or who these docu- 
ments also went to? 

Mr. Friedman. If you’re directing that to me, I’ll give you the
same answer. The FBI really, ultimately, will have to address that. 

Mr. Murphy. The same with Mr. Podonsky and Ms. Brian. Does 
anybody know yet? 

Mr. Podonsky. I would say the same thing as Mr. Friedman. We 
don’t have the answers to that. 

Ms. Brian. I can speak to the press reports from her attorney, 
which were that she was taking the work home to get extra work 
done, that she was behind. 

Mr. Murphy. OK. Has anybody determined if there has been —
if any of these contents have appeared anywhere else besides just 
there? 

I guess what I’m getting to here is, with regard to this informa- 
tion, that even though we’re waiting for further details from the 
FBI, have we learned anything from this yet that can be used to 
take other steps other than just blocking some of the ways you can 
put in a thumb drive or something; but have we learned how it af- 
fects security, of how it will affect hardware and software inspec- 
tions, how people come on and off the site, their security clear- 
ances? Have we learned things from this, unique to this, that has 
affected what we’re doing overall and what’s been implemented, or 
are we still going to wait for the FBI reports on this? 

Mr. Podonsky. I would start, first of all, Congressman, with a
task force that we are heading up on the personnel security piece. 
We believe there is going to be a lot of serious lessons learned that 
are going to come out of the specifics to the case as well as the 
broader issue on personnel security that one of the members of the 
committee asked earlier. 

We believe that, in terms of cybersecurity as well, there are also 
lessons learned that we know that the CIOs for both NNSA as well 
as the Department are looking at, and we also know that the third 
panel will — has, in fact, done a damage assessment that they could 
probably talk about in executive session. 

Mr. Murphy. And I will look forward to that part. 

I was just wondering here, while we’re still in a public hearing, 
what we can assure the American public with regard to some les- 
sons learned, because it concerns me that this subcommittee has 
looked at these issues for a long time. Your inspections give us 
pretty solid, yet frightening information on the levels of breach of 
security, and we’re still awaiting another review before we deter- 
mine what else we need to do when so much has been out there 
for a while, and so it’s just something I just have to continue to 
raise the question of What more do we need to know before we 
really put the heel down on this? 

Ms. Brian. Congressman, if I could answer one question. I’m 
hoping by the end of this hearing that one thing that could change 
is NNSA’s pilot program at Los Alamos, which is essentially self- 
policing for safety and cybersecurity. I’m generally not a big fan of 
self-policing as a rule, and I think that a facility like Los Alamos 
hasn’t earned the trust of the Congress or the public to be essen- 
tially left up to themselves to report when they have problems, and 
I think that’s something that should be changed immediately. 

Mr. Murphy. Anybody else on that issue? 

Mr. Friedman, do you have something on that? 

Mr. Friedman. I did want to point out to you, Mr. Murphy, that 
our report — and I think we have 14 recommendations for corrective 
actions. They’re not all-encompassing, all-inclusive, but we think 
it’s a good start. The Secretary, as I indicated in my testimony, has 
a task force looking at those, and we’ll be interested to see what 
their report says in February in terms of how to convert those 
ideas into reality at the laboratory, both at the Federal level and 
the contractor level. 

Mr. Murphy. Mr. Podonsky. 

Mr. Podonsky. As the independent overseer for the Secretary
and the Deputy Secretary, I would just tell you that I have a preju- 
dicial answer, and that is we don’t think that self-assessment, by 
itself, is good, and the contractor should have Federal oversight. 
That’s why we have contractors and the Feds managing them or 
should be managing them. So, while the NNSA has this pilot pro- 
posed, we don’t think it’s ready for prime time as exemplified by 
their performance to date. 

Mr. Murphy. And I would add to that. We’re waiting for further 
investigations. We’re reviewing these 14 recommendations. It 
seems to me a lot of time is ticking by, and I’m just frightened, and 
I shudder to think what is out there and what else could be hap- 
pening while all these breaches have occurred and continue to 
occur. So we will hopefully speed up this whole process. 

Thank you, Mr. Chairman. 

Mr. Stupak. I thank the gentleman. 

Mr. Green from Texas, questions? 

Mr. Green. Thank you, Mr. Chairman. 

Mr. Podonsky, you state in your testimony that 25,000 unclassi- 
fied workstations and servers were not certified or accredited. 
What does that actually mean? Are they unprotected workstations? 

Mr. Podonsky. No, sir. I should — I should clarify that the certifi- 
cation and accreditation process makes sure that security features 
are in place and operating as designed. When you didn’t — when 
they didn’t do the accreditation of the 25,000 unclassified 
workstations, they did do a network accreditation. Our cyber ex- 
perts tell me that that’s not sufficient, because you don’t know if 
you have individual vulnerabilities on those 25,000 computer 
workstations. So that’s something that — what we believe should be 
done and should be included in their certification and accreditation 
process. 

Mr. Green. It seems like — and, again, you’ve heard it from every 
Member up here for the last at least 8 years, I guess — we’ve identi- 
fied problems time and time again and identified solutions, but for 
some reason there’s no follow-through on closing the deal. I know 
it’s a great task to do — to just deal with those 25,000 workstations 
and servers, but why wasn’t that done before this particular person 
walked out with the disk? It seemed like that would have come up 
in the last 8 years before, at least before this committee, and is 
there a problem, and nobody knows how to implement the solutions 
to it? 

Mr. Podonsky. Well, sir, we’ve identified that the lab has inad- 
equate cyber plans, policies and procedures; incomplete risk man- 
agement processes; weak self-assessment. So there’s a whole litany 
of things that the laboratory could do to fix this. 

Mr. Green. OK. I imagine this is not news to anyone sitting on 
this panel for the last 8 years. As I said, I just came back after 6 
years off of it. 

Why can’t it be fixed? Why can’t we have this? Since it’s a new 
contract, I assume when it went out for bids, this new contractor 
was security-conscious, and is it just not an issue that makes it to 
the floor of the actual Los Alamos? 

Mr. Podonsky. Sir, if you’re addressing that to me, I would an- 
swer it can be fixed, and I believe, under the current leadership of 
the Department, it will be fixed. As I said for my third time now,
having listened to all the plans before, to answer your question 
specifically, it is that the contractors in years past have not been 
held accountable to do what the Department has expected them to 
do. 

Mr. Green. Mr. Friedman, do you have a comment on that? 

Mr. Friedman. Well, a number of failures that we identified in 
our report, Mr. Green, are low-hanging fruit: plug the holes where 
they should be, the ports where they should be plugged, essentially 
segregate duties where they need to be segregated, ensure that 
there’s adequate monitoring. I mean, these are not high-tech, cost- 
ly, time-consuming, difficult things to do, and they should be 
done — they should have been done instantaneously, and if the lab 
has not taken steps to do those at this point, I would be very dis- 
couraged and very disappointed. 

Mr. Green. Well, Mr. Chairman, it seems like I’m refreshing my 
memory on this. I remember, over the years, we’ve had — this is 
really a college campus. The security is mostly research, what 
they’re doing, and they’re more interested in that. And it seems 
like, since the last time I was on the committee, we haven’t seen 
any changes even though it went out for bid, and I hope the next 
panel, even in closed session, will show us what can be done from — 
to make sure that this oversight investigation committee doesn’t 
continue to be dealing with what’s happening at Los Alamos for al- 
most a decade now, so — and I yield back my time. 

Mr. Stupak. I thank the gentleman. 

The Members have just a couple of quick follow-ups. We’re going 
to switch to 2 minutes and just a quick follow-up with this panel, 
and then we’re going to ask Mr. Friedman and Mr. Podonsky to 
stay because we will go to executive session a little bit later, but 
we’d like to get the other panels done before we move to executive 
session. 

So, with that, for 2 minutes, I’ll just recognize myself for 2 minutes.

In questions Mr. Green put forth and throughout the testimony 
today, we’ve heard that the system breaks down; there’s broken 
systems; it’s inadequate. 

In July 2004, the lab was shut down. They were doing this exten- 
sive review. Everything was supposed to be fixed up for that. It 
cost the taxpayers $350 million. 

So what happened? The $350 million and the 6-month shutdown 
didn’t accomplish anything? The systems weren’t updated? The 
holes weren’t plugged? What happened? What did we get for $350 
million besides a shut-down lab for 6 months? 

Mr. Friedman. Are you directing that to me? 

Mr. Stupak. Sure, Mr. Friedman. 

Mr. Friedman. Look, Mr. Chairman, if I gave anybody the im- 
pression by my earlier testimony that I think that the situation you 
find now is OK and it will get better automatically, I left the wrong 
impression, and I apologize for that. 

I am extremely discouraged and disappointed that after the lit- 
any of reports and the series of unsettling events that have taken 
place, that the simple fixes that are obviously readily available 
have not been in place, regardless of whether there is a new con-
tractor or not. 

So if you are asking what we got for our own money, it seems 
to me if this is the result, we did not get a lot for our money. 

Mr. Stupak. As I stated earlier, Mr. Friedman, in your report 
you said, Reviewing serious breakdown in the core laboratory security
controls. Core. Their very basic, fundamental security is broken
down. If we couldn’t fix it after shutting it down for 6 months
and $350 million, how do we fix it now other than we have a new 
person coming on board? 

Mr. Friedman. Well, I think I tried to lay it out. As I said, we 
have 14 recommendations in our report, and I try to lay out some 
bigger-picture items that we talked about. One is the question of 
real accountability, significant material impact on award fees, re- 
assignments, terminations; perhaps a change of the mix of the mis- 
sion of the lab is a possibility. So I think there needs to be some 
really fundamental changes to shake up the system to ensure that 
there is a sincere dedication to fixing these problems. We haven’t 
seen it yet. 

Mr. Stupak. My time has expired. Let me ask one question if I 
may. 

Los Alamos has a great record. They have great people there, top 
scientists, some of our best, most sensitive work there, no doubt 
about that. But I asked a question last hearing and never really 
got an answer. Maybe you can answer it now after some time re- 
flecting upon it. 

What do we do at Los Alamos that cannot be duplicated or done 
at the other labs? Is there anything so unique that can only be 
done at Los Alamos and not at the other labs? 

Mr. Friedman. Well, let me try to answer it this way. You did 
ask that question in a hearing that I participated. 

Mr. Stupak. And no one has come up with a unique mission.

Mr. Friedman. It seems to me once you get past the facilities, 
the physical plant, and there are unique aspects of the physical 
plant that would cost hundreds of millions, if perhaps billions, to 
replicate, once you get past the core of the extraordinary intellectual
invigoration that exists there, the people with the unique talents,
it seems to me that — the fundamental issues that go on there
could be done someplace else. I think the answer to your question
is yes. 

Mr. Stupak. Mr. Whitfield. 

Mr. Whitfield. Thank you, Mr. Stupak. 

Mr. Podonsky, under the terms of the new contract with LANS 
at Los Alamos, and when it comes time to assess penalties or fees 
which we had discussed a number of times today, does the National 
Nuclear Security Administration have the primary responsibility of 
enforcing the contract? 

Mr. Podonsky. For enforcing the contract, yes, sir. 

Mr. Whitfield. And could you just briefly explain the process 
that would be entailed in assessing a penalty under the contract? 

Mr. Podonsky. Not under the contract. I would have to request 
that you defer that to the third panel. 

Mr. Whitfield. So you are not involved in that at all? 

Mr. Podonsky. Not in that type of enforcement. 

Mr. Whitfield. Thank you.

Mr. Stupak. Mr. Melancon, any questions to follow? 

Seeing no other Members present, we will dismiss this panel. 

Mr. Friedman and Mr. Podonsky, we would ask you to stay. 

Ms. Brian, thank you. 

Mr. Stupak. Our next panel, if we may, would consist of the 
Honorable Clay Sell, Deputy Secretary of the Department of En- 
ergy. 

Mr. Sell, again, I have to ask you to since we take all testimony 
under oath, and did you bring a legal counsel with you? 

Mr. Sell. I would just note, Mr. Chairman, the presence of our 
Deputy General Counsel from the Department of Energy. 

Mr. Stupak. Very good. 

OK, sir, I would ask you to please raise your right hand. 

[Witness sworn.] 

Mr. Stupak. The record should reflect the witness has affirma- 
tively stated that his testimony would be under oath. 

Mr. Deputy Secretary, please, if you want to give an opening 
statement. 

TESTIMONY OF HON. CLAY SELL, DEPUTY SECRETARY, U.S.
DEPARTMENT OF ENERGY

Mr. Sell. Chairman Stupak, Congressman Whitfield, members 
of the subcommittee, I welcome this opportunity to appear before 
you today to discuss security within the Department of Energy and 
the recent security incident at Los Alamos National Lab. 

The national security responsibilities entrusted to Los Alamos 
are our Nation’s most important. The successes that have sprung 
forth from this great lab in years past and today are properly a 
source of great pride and great power in our country. The capabili- 
ties of the men and women of Los Alamos continue today to make 
this lab the only place to go for many national security require- 
ments. And, of course, the secrets entrusted to this lab are among 
the Nation’s most sensitive. 

These are among the reasons that the facts of the most recent 
security incident at Los Alamos are so troubling and the source of 
such tremendous frustration and concern to the Secretary, to me 
and to many others throughout the DOE enterprise. 

And now, despite years of focused attention and the expenditure 
of millions of dollars, we are confronted again with the security 
failure, the facts of which suggest we still have a much larger and 
a much deeper problem. 

As has been alluded to, many well-intentioned leaders have 
worked to improve security at Los Alamos over the last few years, 
and in many key areas the Department has made substantial 
progress. But Secretary Bodman and I are less interested in effort, 
process and good intentions and more interested in results. The re- 
sults on matters of security at Los Alamos National Laboratory re- 
main unacceptable. 

You have already heard from earlier witnesses; in fact, you each 
have made statements about what have led to the problems and 
what happened in this recent matter. 

Later today you will hear from the Acting Administrator of the 
NNSA, our Department’s Chief Information Officer and the Director
of Los Alamos National Laboratory in more detail. Therefore,
I intend to focus the balance of my remarks on what the Secretary 
and I are doing to fix the problems and move forward. 

First, in the immediate aftermath of learning about the security 
breach at Los Alamos, we acted immediately to assess the situation 
and understand the facts. The NNSA Administrator dispatched the 
Chief of Defense Nuclear Security and the Cybersecurity Team to 
the site to begin an immediate review of the incident. On October 
26, the Secretary ordered the Inspector General to investigate. And 
on October 30, I personally traveled to the lab to meet directly with 
those on the ground and to gain firsthand knowledge of the inci- 
dent and remedial actions to address the problems. 

Second, we took quick action to address realized vulnerabilities. 
On November 8, I issued a memorandum to improve cybersecurity 
protection for classified computer systems throughout the DOE 
complex. That memo included immediate direction to every lab and 
every facility operating a classified system to conduct an examina- 
tion of the adequacy of its practices and procedures to ensure that 
classified information is protected using multiple layers of 
cybersecurity protection including protection against potential in- 
sider threats. Also, the memo required an accounting by each lab 
and facility throughout our complex for full implementation by Jan- 
uary 15 of this year. Today I am informed that the entire complex 
is in compliance. The line managers will be responsible for ensur- 
ing continued adherence to this policy. 

Third, in response to findings contained within the Inspector 
General’s report issued on November 27, the Secretary directed two 
specific actions: first the creation of a senior-level ad hoc committee 
to review all of the recommendations in the IG’s report except 
those concerning the Department’s security clearance process; sec- 
ond, the establishment of a task force to review the personnel secu- 
rity programs throughout the entire DOE complex. 

Both reviews will conclude and provide recommendations to the 
Secretary no later than February 28 of this year. Once we have re- 
viewed the results of the laboratory’s actions, corporate and Fed- 
eral validation activities, the Secretary’s two task force rec- 
ommendations and other actions that have been directed, we will 
follow up — we will follow up and develop additional improvements 
and additional reviews as necessary. 

We will be pleased to discuss with the subcommittee the addi- 
tional actions the Secretary decides to take once he has received 
and reviewed the task force recommendations. 

Fourth, during numerous occasions, meetings and conversations 
with the NNSA, with the NNSA Administrator and his team, with 
the Los Alamos Director, and with members of the Executive 
Board, the new contractor at Los Alamos, the Secretary and I have 
expressed our depth of concern, our sense of urgency and clear ex- 
pectations for accountability from the top of the Department to the 
bottom of the laboratory, and that these continuing security prob- 
lems must be addressed, rectified, and prevented in the future. 

Fifth, even before the recent incident at Los Alamos, the Depart- 
ment had substantially increased focus and attention to matters of 
cybersecurity including hiring of a new Chief Information Officer in 
November 2005 to reinvigorate and strengthen our efforts. Among 
other things, he accelerated our efforts to update our cybersecurity 
order and National Security Systems Control Manual, and has 
taken numerous actions to improve our Department’s cybersecurity 
posture. We also brought in a new Chief of Counterintelligence and 
reorganized the office to improve its performance. 

Sixth, the Department also previously recognized — and I would 
add with strong urging from the Congress — that the leadership of 
the laboratory could be strengthened by competing the M&O con- 
tract. And last June a new corporate leadership team took over 
management of the laboratory for the first time in its 64-year his- 
tory. 

Seventh and finally, because it is our view that we are — that we, 
the Department, the Secretary and I, are accountable to the Presi- 
dent, the Congress, and the American people not just for efforts, 
but for results, the Secretary and I made the extremely difficult de- 
cision to replace the Administrator of the NNSA and bring in new 
leadership. 

Now, only time will tell if we are to be successful, if we are to 
distinguish ourselves from our predecessors. But the Secretary and 
I are committed to making the tough decisions required to lead our 
Department to a level of security performance befitting the great 
missions the country has asked us to carry out. We have made 
progress in improving the security across the Department and at 
Los Alamos, but as the latest incident indicates, we have much 
more work to do. We remain committed to the task. 

I am happy to answer your questions at this time. 

[The prepared statement of Mr. Sell appears at the conclusion of 
the hearing.] 

Mr. Stupak. Thank you, Mr. Secretary. 

You indicated that only time will tell whether or not we are 
going to be successful, and I say this politely, but one of the prob- 
lems, I think there is a turnover we see at the lab and administra- 
tion and things like that. Secretary Bodman, with an upcoming 
Presidential election, will only be there 2 years. Those problems 
that we see, the problems, the constant problems we see, won’t be 
resolved in 2 years, will they? 

Mr. Sell. The efforts to resolve these problems, in my judgment, 
take continuous effort over the course of the next 2 years and in 
the years thereafter. Threats evolve, technologies evolve, and re- 
quire constant vigilance. 

Mr. Stupak. Wouldn’t it be easy for folks in Los Alamos to say, 
well, there is that directive; we have seen that directive for 2 years. 
A new set of people come in, and we can sit back? 

Mr. Sell. Mr. Chairman, that is certainly a limitation of the 
manner in which the executive branch of our Government operates. 
I will be gone in 2 years as will the senior leadership of this De- 
partment, as will the President, so we are taking great effort to in- 
stitutionalize the changes that we are making, and I will give you 
an example. 

After a previous incident in 1999, then-Secretary Richardson 
issued a substantial press release announcing a number of changes 
to correct the then-perceived security problems at the lab. Those 
announcements that were made were never put into the directives 
which actually govern the relationship between the Department 
and its contractors. 

Mr. Stupak. We have just seen a $350 million review, and things 
that were supposed to be done were never implemented at Los 
Alamos. 

Mr. Sell. What we are doing, with the changes that we have 
made, is putting them into the directives which actually govern the 
contractual relationship so 

Mr. Stupak. Let’s talk about the directives though. You personally 
travel to Los Alamos. You did a memo on November 8 directing 
each laboratory and DOE facility operating a classified computer — 
didn’t do anything about unclassified — but classified computer 
system to conduct an immediate and thorough examination 
to ensure that classified information is protected using multiple 
layers of cybersecurity. But isn’t it also true that in this memo you 
set forth minimum standards that must be met by January 15, 
2007; is that correct? 

Mr. Sell. That is correct. 

Mr. Stupak. Were these minimum standards accomplished by 
January 15? 

Mr. Sell. Not in all cases. 

Mr. Stupak. Not in all cases. 

Your memo also says steps are to be taken — I am looking at your 
memo. I am sure you have one there in front of you. Steps to be 
taken are to include at a minimum those in the attached guidance 
prepared by DOE Chief Information Officer. There it is. So these 
were the minimum things. 

Did anyone at Los Alamos come back to you and say, Mr. Sec- 
retary, you asked for the minimum. We went over and above; we 
went beyond the minimum. Did they do anything beyond the mini- 
mum? Any recommendations going beyond the minimum? 

Mr. Sell. Yes, Mr. Chairman. The lab is doing a number of 
things beyond what was addressed in the memo. The memo that 
I put out was based on the immediate recognition that we had a 
real problem 

Mr. Stupak. Sure. 

Mr. Sell. Specifically with ports; I wanted to take the lesson 
that we had learned under very unfortunate circumstances at Los 
Alamos 

Mr. Stupak. But you said part of it was complied by or complied 
with your request by January 15; other parts were not, correct? 

Mr. Sell. To clarify completely, Los Alamos was the last of our 
labs and facilities to come into compliance, and that occurred on 
January 22. But that is a report that I have. 

Mr. Stupak. Well, let me ask you this question then. Your Chief 
Information Officer of NNSA in staff interviews said that she sent 
the team out on January 8 to see whether Los Alamos was comply- 
ing with your directive. They found widespread noncompliance with 
your directive; isn’t that correct? 

Mr. Sell. I know as of January 8 the lab was not in compliance. 

Mr. Stupak. OK. Isn’t it also true that even in the face of all the 
publicity of the most recent security lapse, that NNSA had to pull 
the entire team back from the lab because they either could not un- 
derstand your directives or simply were incapable of responding to 
your directives of securing the very areas and items that were 
under question as a result of the October 6 event? Why did NNSA 
have to pull back its teams? 

Mr. Sell. Mr. Chairman, we are trying to deal in a very serious 
way; I gave out in this case very clear guidance as to what was to 
be accomplished. I could have just given clear guidance and gone 
on and done something else, but we followed up on that clear guid- 
ance by sending a team out. 

Mr. Stupak. And have you pulled back? 

Mr. Sell. We sent the team out even before the deadline for 
compliance, and we found out when the team was out there that 
we weren’t making progress 

Mr. Stupak. We were not making progress? 

Mr. Sell. We were not making progress at a sufficient pace to 
accomplish what needed to be accomplished by January 15. That 
came to our attention. We gave further direction. I clarified. I 
talked to the lab Director. They understood what their require- 
ments were. We sent a team back out shortly after January 15 and 
concluded approximately January 22 that they had complied with 
the directive. 

I think it is indicative that unfortunately ensuring compliance 
and making progress requires continued effort. It requires vigi- 
lance. It requires follow-up. It will require that long after I am 
gone. I only have control of the 2 years that I remain in my posi- 
tion, and that is the way I intend to deal. And I hope we can also 
institutionalize the progress that we are making, and there are a 
number of means within our disposal to help do that, through the 
contract, through the outstanding career staff that we have in our 
Department, through a number of the individuals and leaders of 
the laboratory that will remain into the next administration. 

But it is difficult. There are reasons sufficient progress has not 
been made in previous years, and the only thing I can commit to 
you is that I am trying to deal in a way which is distinct and dif- 
ferent and distinguishable from the ways that folks have dealt in 
the past. 

I believe the Secretary and I have taken more aggressive action, 
and because I believe we are acting differently, at least I have 
some reasonable expectation that this time we will get different re- 
sults, but only time will tell. 

Mr. Stupak. All right. My time has expired. 

Mr. Whitfield for 5 minutes. 

Mr. Whitfield. Thank you, Mr. Chairman. 

And, Secretary Sell, we enjoyed your testimony today and appre- 
ciate your being here. It seems to me the years that I have been 
on this subcommittee and this issue of security breaches has been 
a subject that ultimately the effectiveness of really dealing with 
this is through the M&O contract. And you were involved in pre- 
paring or negotiating this most recent M&O contract with the con- 
sortium that is now operating LANS; is that correct or not correct? 

Mr. Sell. I am happy to have the opportunity to tell you my 
exact level of involvement. 

When I came to the Department in March 2005, the procurement 
work was already well under way. But certainly I knew it to be and 
believed it to be the most important procurement — and I said 
this — in the history of the Department to date. 

I am not the selecting official. 

Mr. Whitfield. Who is the selecting official? 

Mr. Sell. The selecting official at the time, I believe, and I will 
ask was Tom D’Agostino, who is not yet confirmed as the Deputy 
Administrator for Defense Programs. He has been a career member 
of our NNSA team for a number of years. 

Mr. Whitfield. So was he within the NNSA at that time? 

Mr. Sell. Yes, sir. 

Mr. Whitfield. So the NNSA has the responsibility for select- 
ing? 

Mr. Sell. The NNSA had the responsibility; Mr. D’Agostino, I 
believe, was the selecting officer. But the Secretary and I did spend 
time — once the decision had been made, after the decision had been 
made, we met by video teleconference with the Source Selection 
Advisory Board. We met at length with Mr. D’Agostino, and it is 
my view that the decision that the Department made was abso- 
lutely the correct one. 

Mr. Whitfield. Now what is the length of the contract? 

Mr. Sell. The length of the contract, I believe, Mr. Whitfield, is 
a 7-year initial period but could be extended to 20 years. And I 
may be off 1 or 2 years. 

Mr. Whitfield. What is the approximate total value per year to 
the consortium for being awarded the contract? 

Mr. Sell. The total value, in rough order, about $2 billion, or 
$1 1/2 to $2 billion a year flow through the contractor. 

Mr. Whitfield. One and a half to $2 billion? 

Mr. Sell. The fee available to the contractor is on rough order 
$70 million a year. So that is the potential net to the contractor. 

Mr. Whitfield. So would I be accurate or inaccurate to describe 
the $70 million as incentive pay that they can receive in addition 
to the base amount? 

Mr. Sell. The $70 million, Mr. Whitfield, includes both the base 
amount and the incentive portion. I think that is the total fee, 
roughly, that is available to be paid to the contractor. 

Mr. Whitfield. OK. Now, you would think that since the real 
problem is safety and security, that is one of the major problems, 
that the incentives apportioned to do that would be greater than 
$3 million out of a total of $73-some million incentives. What would 
be the explanation for not making that a greater amount? 

Mr. Sell. Mr. Whitfield, I don’t think I can say anything that 
you would find to be a great explanation. Although the next 
panel — and I don’t mean to just kick this to Mr. D’Agostino, I do 
think he is more informed on that. But I will also state my belief 
that we have a greater authority to restrict and pull back award 
fee for failures beyond just the $3 to $6 million for the security. 

Mr. Whitfield. Are you aware, yourself, of the amount of pen- 
alty assessed in the 2004 6-month shutdown or not? 

Mr. Sell. I am aware that it was generally in the neighborhood 
of around $3 million for the failures in 2004. 

Mr. Whitfield. So that was a penalty that University of Califor- 
nia paid? 

Mr. Sell. That was a fee reduction in the amount that they 

Mr. Whitfield. A fee reduction. OK. 

Now, it is my understanding that in the most recent contract 
that the consortium agreed that the 21 key personnel committed — 
that they committed to stay for a minimum of 2 years, and after 
6 months the Deputy Director has already left; is that true? 

Mr. Sell. Yes, sir. 

Mr. Whitfield. Has anyone else left of those 21 key people? 

Mr. Sell. To my knowledge none of the other 21 key individuals 
have left. 

Mr. Whitfield. But you all do have authority to assess a fee for 
the breach of that aspect of the contract, I would assume? 

Mr. Sell. I believe we do. And the only reason I hesitate is these 
are actual decisions that must be made by the contracting officer 
of whom I am not. I am trying to state as clearly as possible my 
expectation and belief 

Mr. Whitfield. My time has expired. 

Mr. Stupak. The gentleman from Louisiana Mr. Melancon. 

Mr. Melancon. Thank you, Mr. Chairman. 

Mr. Sell, I was just wondering if Los Alamos or your children are 
causing this premature gray hair. 

Mr. Sell. Both. 

Mr. Melancon. Some of the thoughts that have run through my 
mind, is the DOE team, is it on site, or was it just sent and came 
back and made a report? And how long were they on site when 
they were there? 

Mr. Sell. We have a Federal site presence of around 120 individ- 
uals that live there, work there, and deal every day as the Federal 
representative at Los Alamos. But there have been tens and tens 
of individuals from headquarters, from other locations around the 
complex, outside experts that have come for the various reviews 
and evaluations and recommendations since this most recent inci- 
dent in October. 

Mr. Melancon. Is it feasible or possible — we are looking at a 
June deadline, I think Mr. Friedman had said, to try to ascertain 
where we were in compliance — that — do you think it would make 
any difference if we put the team back down there several days a 
week between now and that time to monitor it, to make it progress 
faster, to maybe sometimes even point out their deficiencies, which 
apparently they are not seeing readily? 

Mr. Sell. Well, I think it may well help, but I want to emphasize 
that we have a team there that worked for me. I mean, they 
worked for the Secretary and I and the Administrator and on down 
the chain. And their responsibility is to ensure that the contractor 
is performing pursuant to the terms of their contract. 

And in addition to that, we have other oversight groups from 
headquarters. And we have other oversight groups from the con- 
tractor that they have hired, and they will continue to go — I mean, 
it is going to take continuous vigilance and monitoring, and per- 
haps other groups consistent with your suggestion would be helpful 
as well in ensuring that we make an institutionalized progress at 
the lab. 

Mr. Melancon. The people that are on the DOE team or the peo- 
ple that are responsible from DOE to monitor security, are they the 
same people that are there when the first breaches occurred and 
subsequent breaches? 

Mr. Sell. Some of them. But we have made a change at the top 
of the NNSA. The new Acting Administrator then subsequently 
made a change in the person that is heading the site office at Los 
Alamos. And so we are trying to find the right kind of leadership 
that can ensure much higher levels of performance at the lab. 

Mr. Melancon. I have a general in Louisiana I can suggest, be- 
cause it sounds like it is going to take more than just a manager 
out there. 

And I guess that is the concern that I have is it appears to me — 
and this is new to me — that we have rolled a head or two, but the 
problem is the tail is wagging this dog. And I just — do you have 
any comments? I mean, how deep is our problem, or is our prob- 
lem — is the problem at the upper levels or security at the lower 
levels? 

Mr. Sell. Well, it has been suggested, Mr. Melancon, that we 
should shoot the dog, and I have to reject that suggestion in the 
strongest possible terms. We do have 12,000 individuals at Los Ala- 
mos that were there under the University of California. They are 
there under LANS and will continue to be there. They are the core 
capability of that laboratory. And I do believe that we have deep- 
seated issues that are going to take time. And I would suggest, 
with all due respect to our Inspector General, it will take longer 
than a year. It is going to take time to change. 

But we do have an outstanding new leadership team in place, 
and I believe the LANS team is the right team to lead the lab. I 
believe Mike Anastasio is the right Director to lead the lab. 

I believe we have a new Federal lead there on an acting basis, 
Dan Glenn. We have an Acting Administrator, in Tom D’Agostino. 
We are putting in place new policies that will actually be incor- 
porated in the terms of the contract by which we can hold the con- 
tractor accountable, and we intend to use the authorities in that 
contract to the greatest extent possible to ensure compliance and 
institutionalization of progress. 

That is our approach going forward, and if the tail continues to 
wag the dog, then the committee may properly question whether I 
am the right one to continue to provide leadership. But I have laid 
out our path as to how we are proceeding, and I am confident that 
we can make real progress. 

Mr. Melancon. Mr. Chairman, if I could be allowed one more. 

Mr. Sell, I guess the last question that I have is when do you 
think we are going to get this dog into the kennel? 

Mr. Sell. We have made in the last few months substantial 
progress. Just for example, we had — there were thousands of open 
ports on classified computers when this — the day this thing came 
to light. 

I have some level of confidence, not supreme confidence, but 
some level of confidence that that situation has been rectified; it 
will stay rectified at Los Alamos. We are changing our processes, 
but it will take — so we will continue to make progress. But the na- 
ture of security, particularly at a place as dynamic as Los Alamos, 
is constantly evolving, and I don’t think there is ever a point where 
we will reach where we say — where we can say we are done and 
we need not worry about security anymore. We will have to be 
constantly tending the kennel door to make sure we have got the dog 
contained. 

Mr. Melancon. Thank you. 

Mr. Stupak. Mr. Secretary, let me assure you no one wants to 
shoot the dog. We want to put that dog on a diet and put him in 
a new kennel. 

Mr. Melancon. He needs to be trained. 

Mr. Stupak. Mr. Burgess, questions? 

Mr. Burgess. Thank you, Mr. Chairman. 

Mr. Secretary, good to see you again. You mentioned in your tes- 
timony, or I think in response to a question, that you were not the 
selector in the process of going through the RFP last year. I have 
asked this question of other witnesses, but in your opinion the 
process was fair and open and above board? 

Mr. Sell. Yes. 

Mr. Burgess. Let me ask you this: At Los Alamos what meas- 
ures are being taken to ensure the laptops and removable media 
are being encrypted or sequestered so that sensitive data is not 
leaving your site unprotected? 

Mr. Sell. Just so I understand, this is a different set of 
vulnerabilities as to the encryption of data that is then — you mean 
when it is communicated across open lines, or when it is in 
laptops? 

Mr. Burgess. Yes. Is it encrypted in laptops to reduce suscepti- 
bility to theft? 

Mr. Sell. The encryption of classified material on laptops when 
they are at a secure facility is a matter that is covered under our 
policies, and those policies are those directives that — the manual 
which governs that is being updated and will be finalized in the 
course of the next few weeks. That governs the exact terms under 
which laptops have to be encrypted. But I am sorry. Dr. Burgess, 
I can’t give a more exact recitation as to exactly how that is carried 
out. 

Mr. Burgess. And will that be something that is universal across 
the Department of Energy, or will that be specific for Los Alamos? 

Mr. Sell. It will be universal across the Department. 

Mr. Burgess. We heard previous testimony from the other panel 
that the concept of at will employment be curtailed, but that really 
is not something that is within the purview of the Department of 
Energy, is it? That is up to the individual contractor involved? 

Mr. Sell. That is something I believe that we largely leave to 
the contractor as to the negotiation of employment terms with their 
employees. 

Mr. Burgess. When the contract was awarded to LANS a year 
ago, it was done so in a belief that it could substantially improve 
security at Los Alamos. Do we still believe that? 

Mr. Sell. I do. 

Mr. Burgess. And we believe we have in place the metrics by 
which we are going to be able to show not just this committee, but 
America at large that is indeed the case? 

Mr. Sell. We have some metrics, and we are developing addi- 
tional metrics, and we will develop even further ways of measuring 
progress once we have the full recommendations from our two 
groups that are reviewing the IG’s report and once we put in place 
all of the policies going forward. But certainly our ability to meas- 
ure progress and understand when there are failures or when there 
are potential failures before they actually happen or before they get 
outside the gates of the laboratory is a very important management 
tool that we must have, and I will ensure that we will have it. 

Mr. Burgess. So in your opinion that is what real progress will 
look like? Hopefully to us it will look like the absence of breaches, 
and we won’t be back here every 6 months covering one of these 
incidents. 

Mr. Sell. It is — a much higher level of performance must be re- 
quired. But I would like to just take a moment. I think some con- 
text about what our lab does. They generate many secrets. That is 
the nature of their business. That is the tools of their trade. And 
we talk about 139 vault-type rooms and 3,000 classified computers. 
That is the nature of the work that we do. And in order to print 
something or to move it around the lab or to store it, it requires 
lots of computer capability. It requires ports. It is a very complex 
manner dealing with our business. Vault-type rooms 

Mr. Burgess. Can you then reduce the number of computers 
without compromising your business? 

Mr. Sell. I don’t know that we can. That is certainly something 
we are looking at, and I think it is a sound suggestion. It is a sug- 
gestion that has been made internally. But I have not received a 
recommendation that we, in fact, can do that. If we can, we will. 
But our business at Los Alamos is national security matters. Al- 
most all of it is classified. 

And so I just want to try to put this into context that it may not 
be as simple as taking 139 vault-type rooms and going to 100. That 
may mean that a third of the work that we would like to do can’t 
get done. 

Mr. Burgess. Thank you, Mr. Chairman. I will yield back. 

Mr. Stupak. Mr. Sell, if I may, let me just ask you quickly, hope- 
fully we are going to have the Secretary here in March to answer 
some questions, but he put out a memo on November 28 after this 
incident came to light, and he states that the recent incident at Los 
Alamos and the findings of the Inspector General report indicate 
there may be significant deficiencies involving the application of 
personnel security policies and standards within the Department. 
What were those significant deficiencies? 

Mr. Sell. Mr. Chairman, I don’t know that I can get into the de- 
tails of the deficiencies without treading into areas which are gov- 
erned by the Privacy Act in the instant case. 

Mr. Stupak. Will you stay for the executive session then? We can 
ask you the questions then? 

Mr. Sell. I will accommodate the committee and you, Mr. Chair- 
man, however you would like. 

Mr. Stupak. OK, because I had a couple of follow-up questions 
on that. So allow me to do that in closed session. Thank you. 

Anyone else have questions? Mr. Whitfield. 

Mr. Whitfield. Just one additional quick question. Mr. Burgess 
was asking questions about the number of computers. This is a 
similar question relating to the separate security area, over 1,700 
of them, and I was just wondering have you yourself formed any 
opinions about to believe that such a large number of geographically 
dispersed and classified areas increases the vulnerability of 
operations? And do you think the areas should be reduced? And 
your views on that. 

Mr. Sell. Mr. Whitfield, I believe that there may be benefits 
from those, and certainly instinctively I would think that we could 
perhaps do that. I know that there are views inside our Depart- 
ment that we can do that. We are looking at it. And I know in your 
letter of last night you suggested also that we look at it, and we 
will do that. We are looking for suggestions and good ideas from 
any corners from which they come. 

I have not made a conclusion that is going to be possible. But it 
may well be. 

Mr. Whitfield. Thank you. 

Mr. Stupak. Thank you, Mr. Secretary. And, yes, sir. You want 
to clarify something? 

Mr. Sell. Well, Mr. Chairman, I wanted to take an opportunity 
to answer a question which you posed to other witnesses but you 
did not pose to me: What is unique about Los Alamos? 

Mr. Stupak. The unique mission that they do there. What is the 
unique mission that cannot be duplicated at any of our national 
labs? 

Mr. Sell. Los Alamos National Laboratory and the men and 
women of that lab invented and designed and are responsible for 
certifying to this day two-thirds of our strategic nuclear weapons 
stockpile. They are the only place in the country today where we 
can build a plutonium pit, which is the trigger, in layman’s terms, 
for a nuclear weapon. They have many, many other unique capa- 
bilities beyond that. 

But it is my view that we have to have Los Alamos, and we have 
to be successful, but more importantly that we can be successful. 
We are not destined to failure. We can be successful, but it is — we 
must have it. 

Mr. Stupak. No doubt men and women at Los Alamos are 
unique. Whether they work in Sandia, Los Alamos, or Lawrence 
Livermore, they are all unique and all talented people, and we 
have no problem with that. But we are not going to continue to 
have lapse after lapse. They owe it to the American people, not this 
committee, but the American people, to guard. 

You tell about the most sensitive things that are going on not 
only for nuclear or antiterrorism or anywhere else. We cannot have 
it going on at the same time going out the back door. That is what 
we want to impress upon not only you, but the Secretary and ev- 
erybody else. 

Look at the list here, how many hearings we have had here? 350 
million taxpayer dollars spent; the fine was $3 million, less than 
1 percent? No wonder there is no accountability. They will just ig- 
nore it and continue. 

We just want things done and done properly. American people 
deserve it. It is the American people who pay for those weapons, 
American people that have developed this. And we appreciate ev- 
eryone who works at those labs, but it is not going to continue like 
it has been. 

With that, if you have any further comment? 

Mr. Sell. Mr. Chairman, I agree with your final statement completely, 
and you have my full commitment for as long as I am in 
my position. 

Mr. Stupak. We appreciate that, and we look forward to talking 
to you a little bit more in executive session. Thank you. 

Mr. Stupak. We have our third panel. Our final panel consists 
of five people: Mr. Thomas D’Agostino, Acting Administrator, Na- 
tional Nuclear Security Administration; Ms. Linda Wilbanks, Chief 
Information Officer, National Nuclear Security Administration; Mi- 
chael R. Anastasio, Director, Los Alamos National Laboratory; Mr. 
William Desmond, Associate Administrator and Chief for Defense 
Nuclear Security; and Mr. Thomas Pyke, Jr., Chief Information Of- 
ficer, Department of Energy. 

It is the policy of this subcommittee to take all testimony under 
oath. 

Please be advised the witnesses have a right under the rules of 
the House to be advised by counsel during testimony. Do any of the 
witnesses desire to be advised by counsel at this time? If so, would 
you please introduce your counsel? 

Hearing nothing in the affirmative, I take it you do not have 
counsel with you. 

Please rise and raise your right hand to take the oath. 

[Witnesses sworn.] 

Mr. Stupak. Let the record reflect all witnesses answered in the 
affirmative. 

Mr. D’Agostino, sir, is going to start, please. 

TESTIMONY OF THOMAS P. D’AGOSTINO, ACTING ADMINIS- 
TRATOR, NATIONAL NUCLEAR SECURITY ADMINISTRATION 

Mr. D’Agostino. Thank you, Mr. Chairman. My name is Thomas 
D’Agostino, and I am the Acting Administrator of the National Nu- 
clear Security Administration within the U.S. Department of En- 
ergy, a position I have held since January 20, 2007. I am also the 
Deputy Administrator for Defense Programs. 

I want to personally assure you that with respect to the current 
issue of security at Los Alamos National Laboratory, that we are 
committed to providing the most effective security possible for nu- 
clear weapons, nuclear material and classified information both at 
the laboratory and at each of our NNSA facilities. 

The primary reason I am acting as Administrator is because of 
the Secretary of Energy’s dissatisfaction with the continuing series 
of security incidents. When the Secretary does not see results he 
expects, he takes action. The most recent of these was his request 
for the resignation of the former NNSA Administrator, Linton 
Brooks. 

Mr. Chairman, the Secretary and the Deputy Secretary expect 
me to be active in running the NNSA and to be accountable for our 
performance and make decisions when they need to be made. That 
is exactly what I am doing. 

I have made it clear to Los Alamos National Security, or LANS, 
the contractor who manages the laboratory, that we are expecting 
them to take appropriate action against any LANS employees
determined to be accountable for most recent security incident. LANS
has reported that formal disciplinary action will be taken against
24 employees. 

I have decided to spend my first 2 days on the job as Acting Ad- 
ministrator in New Mexico both visiting the laboratory itself and 
the Federal site office responsible for overseeing the laboratory to 
get firsthand, upfront and personal information that I can use. I 
did that last Monday and Tuesday. 

I stressed to them my expectations concerning oversight of the 
laboratory activities and the importance of accountability and 
meeting our commitments. 

I’ve directed that Dan Glenn, one of the Department’s most expe- 
rienced site office managers from the Pantex site in Texas, to serve 
as the acting Federal site office manager until a permanent re- 
placement is found. Mr. Glenn has extensive nuclear safety and se- 
curity experience at our most sensitive site. In fact, Pantex is the 
only NNSA facility where we have complete nuclear weapons on 
site. Dan has my complete confidence. 

Dan spent last Thursday and Friday at Los Alamos assessing 
current activities and operations at the Los Alamos site office, and 
he is assembling a team to aggressively oversee laboratory security 
and safety programs and to recommend not only immediate, but 
near-term fixes, fixes that we can implement and take action on 
right away. Dan will take over Los Alamos site office on February 
5. 

With respect to our specific interactions with LANS, manage- 
ment and operating contractor on the latest security incident, all 
contractual options for both penalties and motivation are under 
consideration and on the table. I want to assure you that this is 
not an academic exercise. With a nominal fee at stake, the maxi- 
mum available annual fee with security and safety as key factors 
is over $70 million. The majority of LANS’s fee is at risk, as is 
their ability to earn additional award terms — or years — added on 
to the contract. The combination of award fee and award term are 
very powerful incentives on performance, and I intend to fully uti- 
lize these tools that are available to me in managing this contrac- 
tor. 

The Department is also conducting a review of the incident to de- 
termine whether notice of violation will be issued, as was discussed 
earlier. 

Finally, the contract has a clause called Conditional Payment of 
Fee, Profits, and Incentives. This clause allows for the complete 
elimination of fee in the event of serious safety or security events 
that result in a loss of life and irrecoverable harm to the security 
of the United States. 

On January 3, 2007, we took further direct action and unilater- 
ally notified the LANS Board of Governors Executive Committee 
that I was calling a session in Washington the following week. On 
January 10, I met with the executive committee and told them of 
my specific concerns on how they have handled the current security 
incident at Los Alamos and my expectations for performance. The 
Secretary and the Deputy Secretary joined me to emphasize the se- 
riousness of the situation. 

The executive committee will provide me with their plans on how 
they will address the current situation and improve the culture at
the laboratory. In the coming months I will be routinely meeting
with members of the executive committee to hear how they are pro- 
gressing with their plans. Additionally, I have asked the chairman 
of the committee, Mr. Gerald Parsky, to call the Secretary on a regular
basis, probably monthly, maybe more like on a 5-week basis,
to update him personally on the actions that the board is taking 
to reach back to the corporate parents and to support improve- 
ments at the laboratory. 

In closing, Mr. Chairman, I commit to you that if the current lab- 
oratory management team is unable or unwilling to change the se- 
curity culture at Los Alamos, I will use every tool available to me 
consistent with the terms of the contract to effect the kind of posi- 
tive changes I expect and we deem necessary for our taxpayers. 

Thank you, and I would be pleased to take any questions the 
committee may have. 

[The prepared statement of Mr. D’Agostino appears at the con- 
clusion of the hearing.] 

Mr. Stupak. Mr. Desmond, your opening statement. 

Mr. Desmond. Mr. Chairman, I do not have an opening state- 
ment. 

Mr. Stupak. Ms. Wilbanks, opening statement. 

TESTIMONY OF LINDA WILBANKS, CHIEF INFORMATION
OFFICER, NATIONAL NUCLEAR SECURITY ADMINISTRATION

Ms. Wilbanks. Chairman Stupak, Ranking Member Whitfield 
and members of the committee, good afternoon. I am Dr. Linda 
Wilbanks, the National Nuclear Security Administration Chief In- 
formation Officer. 

Thank you for the opportunity to discuss the cybersecurity inci- 
dent at Los Alamos National Laboratory and the actions NNSA has 
taken to prevent similar incidents. As CIO, I am responsible to the 
Administrator for cybersecurity, specifically policies and procedures 
to ensure the security of the information and technology as it re- 
lates to the NNSA mission and to enhance our ability to protect the 
classified, sensitive and unclassified information systems. 

I came to NNSA after almost 3 years at Goddard Space Flight 
Center as a CIO. I have over 30 years experience in information 
technology, a bachelor’s degree in mathematics, a master’s degree 
in engineering and a doctorate in computer science. 

When the recent incident was reported, at my direction the 
NNSA Cybersecurity Program Manager and the Director of the 
Diskless Workstation Task Force immediately flew to Los Alamos 
with two members of the DOE cybersecurity team. Their objective 
was to learn as much as possible about the incident from the 
cybersecurity perspective and determine if any of the contributing 
factors could put LANL at further risk or they could take place at 
other NNSA sites. 

I also traveled to Los Alamos and met with the cybersecurity per- 
sonnel responsible for the Los Alamos computer systems to further 
understand the issues. We quickly identified two issues: the acces- 
sible USB ports and the cybersecurity plan that did not address the 
specific risks of the system and was incomplete, which contributed 
to the system’s vulnerabilities.

The Los Alamos incident occurred when a trusted insider maliciously
decided to use a personal device to electronically remove
classified material. The cybersecurity plan allowed for the cages to 
be unlocked with exposed USB ports because the servers were in 
a secure room with limited access by people with clearances to ac- 
cess the classified material. 

As a result of this incident, we have taken a number of actions 
to strengthen the cybersecurity at Los Alamos and all NNSA sites 
addressing the cybersecurity root causes that allowed this incident 
to occur. 

As a result of the incident, I immediately required that all NNSA 
sites identify the open ports on classified systems and determine if 
they needed to be open or could be permanently disabled. 

We purchased an enterprise license for software to monitor open 
port activity. All sites, including Los Alamos, are now in compli- 
ance with any ports that can be used to transmit data being sealed 
or monitored. 

The Designated Approving Authority, the DAA, is responsible for 
approving an IT system for operations by signing the cybersecurity 
plan that states how the system will be in compliance with DOE 
and NNSA policy. I have temporarily reassigned the DAA from the 
Sandia site office to Los Alamos to strengthen the cybersecurity 
there. I have directed the DAAs at all NNSA sites to review the 
cybersecurity plans, and I hold them accountable to ensure that 
those plans now address the specific risk of each system and to 
identify and rewrite the plans with omissions such as those that 
allowed the incident at Los Alamos. 

I have increased the funding to Los Alamos to hire three 
cybersecurity experts to support the Federal activity there. I have 
assembled a team of eight cybersecurity experts from headquarters 
and NNSA and had them inspect all the vaults at Los Alamos to 
determine if they were in compliance with the Department’s direc- 
tive to close ports. The team initially found areas of noncompliance; 
however, when reconvened on the site this past week, they in- 
spected all vaults and are now in compliance. 

I further directed the team to inspect the cybersecurity imple- 
mentation at all NNSA sites. Those inspections will start in Feb- 
ruary and conclude in April when the team revisits Los Alamos. 

My office has worked with the DOE CIO, Mr. Tom Pyke, to iden- 
tify areas where policies and procedures are needed to strengthen 
cybersecurity and to aggressively implement them as quickly as 
possible. NNSA is responsible for over 70 percent of the classified 
networks within the Department. We take this responsibility very 
seriously, and maintaining the security of the classified networks 
is our highest priority. 

Because of the dynamic nature of cybersecurity, no one can guar- 
antee there will never be another cybersecurity incident at any 
NNSA site. It is not possible to have perfect and complete security. 
We live in a world where hacking into Federal systems is a hobby 
of many students and many highly paid professionals. We are 
using every tool available and have put in place strong 
cybersecurity policies to ensure this type of event does not happen 
again.

NNSA is working very diligently to maintain a secure environment
for our information and that of the Department. We work
closely with our sites to identify the risks, and we are moving 
ahead in many areas, and we are making progress. 

I am happy to answer your questions, sir. 

[The prepared statement of Ms. Wilbanks appears at the conclu- 
sion of the hearing.] 

Mr. Stupak. Thank you. 

Mr. Pyke. 

TESTIMONY OF THOMAS N. PYKE, JR., CHIEF INFORMATION 
OFFICER, U.S. DEPARTMENT OF ENERGY 

Mr. Pyke. Good afternoon, Mr. Chairman. My name is Tom 
Pyke. I am the Chief Information Officer at the Department of En- 
ergy. I came to the Department in November 2005 and have given 
a high priority to revitalizing the management of cybersecurity 
within the Department. 

Over the last year, DOE has undertaken a major effort to im- 
prove our cybersecurity. We developed a plan to update depart- 
mental cybersecurity directives and to issue guidance in specific 
high-priority areas. In December 2006, the Deputy Secretary 
signed a new DOE cybersecurity departmental order which estab- 
lished a new governance structure for cybersecurity program man- 
ager. The order directs the use of a risk-based management ap- 
proach and makes clear assignment of responsibility to the Under 
Secretaries and other senior officials to oversee cybersecurity man- 
agement within their organizations, including the field organiza- 
tions under their jurisdiction. 

The Under Secretaries have accepted this enhanced role and are 
working hard to strengthen the management of cybersecurity. This 
order is a key part of the institutionalization of forceful new direction
to the Department, as referred to earlier by Deputy Secretary
Clay Sell.

The new order provides for timely issuance of urgently needed 
cybersecurity guidance. To date, I have issued 20 cybersecurity 
guidance documents, and the Office of the Chief Information Offi- 
cer continues to develop guidance in accordance with the plan de- 
veloped last year. I have already issued guidance on certification 
and accreditation of systems and on system configuration manage- 
ment, both directly relevant to the recent Los Alamos incident. We 
have also issued special guidance on the protection of personally 
identifiable information and on the disposal of disk drives. 

Finally, directly to the concerns being addressed at this hearing,
we have recently completed a planned DOE National Security Sys- 
tems Controls Manual. It is now in final review in the Department. 
We have been able to incorporate actions in the manual based on 
a number of the lessons learned from this incident. 

I would be pleased to respond to any questions you may have. 

[The prepared statement of Mr. Pyke appears at the conclusion 
of the hearing.] 

Mr. Stupak. Mr. Anastasio.

TESTIMONY OF MICHAEL ANASTASIO, DIRECTOR, LOS
ALAMOS NATIONAL LABORATORY 

Mr. Anastasio. Chairman Stupak, Ranking Member Whitfield 
and other members of the subcommittee, I thank you for the oppor- 
tunity to speak with you today. 

I’m Michael Anastasio, and since June 1, 2006, I have been the 
Director of the Los Alamos National Laboratory. I am also Presi- 
dent of the laboratory’s new management company, the Los Alamos 
National Security, LLC, often referred to as LANS. Previously, I 
served our country for over 25 years at the Lawrence Livermore 
National Laboratory, first as a scientist and ultimately as the di- 
rector of that institution. 

The security breach at Los Alamos National Laboratory is deeply 
troubling. I want to make it absolutely clear to all of you that my 
board and I personally find this incident totally unacceptable. It is 
precisely because of such incidents that the DOE made its decision 
to recompete the contract at the laboratory. 

I want to talk with you today in my opening comments about 
four main points: First, that we take this incident very seriously, 
that we took immediate action upon learning about the issues, that 
we bring a different approach to running this laboratory, and that 
this incident accelerates our plans to develop a robust security sys- 
tem that handles today’s issues and anticipates the future. 

Although this incident occurred only weeks after we took control 
of the laboratory, I am responsible for this incident. But even more 
importantly, we are responsible for the solution to fix the labora- 
tory with regard to security and other matters. I have detailed in 
my written testimony a number of corrective actions that we’ve 
taken, and I would just like to cover six of those right now. 

We have tightened controls on the ports on all the classified com- 
puters. Through our parent organizations, we have tapped into 
independent security expertise from across the country. We have 
established a new cybersecurity organization that reports directly 
to me. Our guard force has significantly increased the number of 
searches of laboratory personnel as they leave the site. We termi- 
nated the relationship with the scanning subcontractor, and I have 
disciplined 24 employees of the laboratory as a result of this inci- 
dent. We are prescreening for illegal drugs of all new hires and will 
be randomly testing the existing workforce. 

These steps have already proven effective as we heard DOE and 
NNSA have certified last week that all the vault-type rooms that 
we have at the laboratory with classified computing are now com- 
pliant. But these initial actions aren’t sufficient. We must move be- 
yond the quick-fix, Band-Aid approach that’s been used in the past, 
and that means we must now have — address security in a com- 
prehensive and integrated manner that anticipates risks associated 
with the inexorable advancement of technology. 

There will not be a silver-bullet solution because there are none, 
but we have developed a forward-looking approach addressing all 
of the elements of enhancements to the security that needs to be 
done and do them simultaneously. We will quickly put in place 
demonstration projects that create a test bed to try out all these 
new security approaches that we have in mind. We will consolidate 
10 to 20 of our existing vault-type rooms into one overall facility.
In there, we will implement clear policies with advanced technologies
and proven behavioral methods. In this way, we will have
a plan that we have demonstrated will work and that we can then 
implement across the entire laboratory. 

So, Mr. Chairman, in conclusion, the steps that I and the board 
are taking are a fundamental break from the past. The LANS part- 
nership brings together expertise and successful performance from 
across the Federal and the commercial sectors. 

As president of LANS, I report to a very demanding board, a 
board that provides a level of oversight, engagement and rigor that 
this laboratory has not seen before. I have a brand new manage- 
ment team that I, personally, selected from across our parent com- 
panies. The partnership of these four companies gives me a deep 
bench of capabilities and personnel that I’m already tapping into. 

I’m already seeing evidence of positive change at the laboratory, 
and in time these steps will lead to dramatic improvement in the 
overall performance of the laboratory. We have taken immediate 
action. We have an ambitious and comprehensive plan. We have 
extraordinary capabilities to draw upon, and we are working ag- 
gressively to execute our plan. All of my leadership team and I, 
personally, are deeply committed to the Los Alamos National Lab- 
oratory’s success and its essential role in protecting our country’s 
national security. 

Thank you, Mr. Chairman, and I look forward to answering all 
of your questions. 

[The prepared statement of Mr. Anastasio appears at the conclu- 
sion of the hearing.] 

Mr. Stupak. Thank you. And thank you all for your testimony. 

Mr. Anastasio, you said you are responsible for what happened 
at Los Alamos. Then what’s been the consequences of accepting 
that responsibility? Has anything happened to you? 

Mr. Anastasio. Has anything happened to me? 

Mr. Stupak. Yes. 

Mr. Anastasio. I’ve been working a lot longer hours, sir. Do you 
mean if I’ve been disciplined in any way? 

Mr. Stupak. Yes. 

Mr. Anastasio. I’ve been certainly in contact with my board from 
the very beginning of this incident, and they’ve made their expecta- 
tions very clear to me. The board also talked with NNSA and the 
Secretary, and based on that conversation, they’ve passed along 
those expectations, and I’ve heard the same from the Department 
as well, personally. It’s been very clear to me what everyone ex- 
pects of us at the laboratory, and 

Mr. Stupak. Well, what are the lessons you have learned since 
then, and what is being done to ensure this incident doesn’t happen 
again? 

Mr. Anastasio. Well, as I tried to detail for you a little bit in 
my oral testimony and more so in the written, it’s that we’ve taken 
a number of aggressive actions. 

Mr. Stupak. Such as? 

Mr. Anastasio. As soon as I learned about this incident, within 
hours we had already started to control the ports on classified com- 
puters. We started taking that action immediately.

Mr. Stupak. We’ve heard that since 2000. We’ve had eight hearings
on cybersecurity since we first brought it up in 2000, so excuse
me, but I don’t — what’s going to be different? We’ve heard all this 
before. This is my eighth hearing now on this. 

Mr. Anastasio. We have actually succeeded in doing that, and 
the recent audit confirms that, in fact, we have complied with all 
the direction we’ve been given. 

Mr. Stupak. The audit from the Inspector General, Mr. Fried- 
man, said the core security at Los Alamos is in shambles, the core 
security. I’ll read it for you exactly if you want it, because I asked 
him about it, and it was the very basis of Los Alamos; the very core 
of their security was not good. 

Mr. Anastasio. Mr. Chairman, I find this incident and the issues 
around it totally unacceptable. My board finds that totally unac- 
ceptable. They’re going to hold me accountable to fix this. 

Mr. Stupak. And we find it totally unacceptable. 

What are we going to do to fix it? 

Mr. Anastasio. I understand that, and we are in the process of 
doing that. And so we’ve taken a series of immediate actions which, 
I think, address the immediate concerns and risks at the labora- 
tory; and, at the same time, we have a long-term plan that will get 
us to a point where we can be out in front of these issues — not al- 
ways playing catch-up that we’ve done in the past — and that will 
allow me and the American people and you, the Congress, to have 
confidence in this laboratory again. 

The Department recompeted this contract, we understand, very 
well. They recompeted this contract because of these issues, and I 
understand that the reason I’ve been brought in and my team and 
this new contractor is that we need to fix these and the other 
issues that are going on at the laboratory. And that’s what I’m here 
to commit to you to do. 

Mr. Stupak. The Inspector General’s report I will quote now. 

Our review revealed a serious breakdown in core laboratory security controls. In 
short, these findings raise serious concerns about the laboratory’s ability to protect 
both classified and sensitive information systems. 

So that’s the challenge you have. 

Ms. Wilbanks, at Los Alamos, sensitive, unclassified computer 
systems, are they adequately protected from today’s threat? You 
mentioned hackers always trying to get in. 

Ms. Wilbanks. The unclassified, sir? 

Mr. Stupak. The unclassified. “Sensitive, unclassified,” they’re 
called. 

Ms. Wilbanks. While we do not put as much attention on those 
systems as we do the classified systems, sir, I do believe they are 
adequately protected. The 25,000 systems that were referred to by 
Mr. Podonsky, they are C&A’d under the NIST provisions. 

Mr. Stupak. Sure. Would you bet your job on that all 25,000 are 
secure? 

Ms. Wilbanks. I can’t guarantee what a hacker will do and what 
the new technology will be, sir. 

Mr. Stupak. OK. 

Ms. Wilbanks. I am doing everything in my power, sir, to make 
that guarantee to Mr. D’Agostino.

Mr. Stupak. OK. In your testimony, you state “We have since secured
all USB ports at all NNSA sites and are reviewing all
cybersecurity plans to ensure they address the specific risks for 
that system. This type of incident, the undetected transfer of classi- 
fied information to a portable device, could no longer occur at any 
NNSA site.” 

So let me ask you: Why wasn’t all of this fixed prior to this inci- 
dent? 

Ms. Wilbanks. Actually, at some of our sites, sir, it was fixed. 

Mr. Stupak. Right. But not at all of them, obviously. 

Ms. Wilbanks. That is correct, sir. At a meeting of all of the 
DAAs from the sites in November, the “open ports fine” issue was 
brought up. 

Mr. Stupak. Sure, that’s November, but wasn’t that really one 
of the primary reasons the lab was shut down in July 2004? 

Ms. Wilbanks. I was not here then, sir. I’m sorry. 

Mr. Stupak. Did you ever review the report in 2004 and see 
what was required for cybersecurity at the lab’s computers? 

Ms. Wilbanks. Yes, I did, sir, and there was very minimal in 
there for cybersecurity. 

Mr. Stupak. OK. Hopefully, I’ll have some time for some follow- 
up because I would follow that up, but my time is up. 

Mr. Whitfield. 

Mr. Whitfield. Thank you, Mr. Chairman, and I thank the wit- 
nesses for their testimony today. 

Mr. Anastasio, you were the Director of Lawrence Livermore, I 
think you said in your testimony. 

Mr. Anastasio. That’s correct, sir. 

Mr. Whitfield. For how many years? 

Mr. Anastasio. Almost 4 years. 

Mr. Whitfield. And you’ve been here now for about 7 months at 
Los Alamos? 

Mr. Anastasio. Since June 1, that’s correct. 

Mr. Whitfield. Well, you might have some unique perspectives 
on this that we’ve been asking a lot of people, and I read this com- 
ment that said LANS’ volume of classified holdings is unnecessarily 
large, conducted in too many security areas, involving too many 
people, and is spread out over too large of an area. 

Would you agree that that assessment may give a synopsis of the 
primary differences in Los Alamos and Lawrence Livermore and 
would explain why security is such a challenge at Los Alamos? 

Mr. Anastasio. Well, I would agree those factors add a challenge 
to Los Alamos, but I believe the — one of the fundamental issues at 
the laboratory right now is that there is unclear, complicated poli- 
cies which are inconsistently applied across the laboratory. And of 
course one of the reasons for inconsistency is the fact that there are 
so many different locations. But in the past, the laboratory has — 
each organization has implemented their own version of the overall 
policies, which led to inconsistency; and I would also argue that the 
policies are overcomplicated and sometimes inconsistent, so we 
have not been enabling our employees to be a success. What they 
see is confusing. They don’t know what is allowed and what’s not 
allowed. So that’s one of the things that was in the core approach 
that we’ve taken to fix the laboratory. But at the same time, we
are also looking to consolidate the number of vaults, to bring those
down. The laboratory, before we arrived, has done a lot to reduce 
the total number of accountable, removable, electronic media, a 
number of documents, so I think these are all approaches to an 
overall plan that we’re putting together. 

Mr. Whitfield. So, the confusion in policy, is that partly the re- 
sponsibility of the Government and the holder of the M&O con- 
tract? 

Mr. Anastasio. Well, certainly, we are driven by the policies that 
come from the Department through our contract, but I believe my 
responsibility goes beyond that. 

My job is to make sure the laboratory is secure. I have to be com- 
pliant with the policies, but if that is not sufficient, I have to take 
further action. I believe that 

Mr. Whitfield. But you found a lot of things wrong with the pol- 
icy and the confusion in the policy when you arrived there. I mean 
there obviously was room for improvement. 

Mr. Anastasio. Yes, there’s certainly room for improvement, and 
we’re off dealing with that and trying to 

Mr. Whitfield. Now, why would we expect that there would 
really be a great improvement when the University of California 
had responsibility for 64 years prior to the new M&O contract, and 
now they are a 50-percent stakeholder in the new contract? 

Mr. Anastasio. Well, I think there’s a number of reasons why 
you should have confidence. 

This is a new team. First, we have a board of directors that we’ve 
never had before who are very demanding. 

Mr. Whitfield. And who is on the board of directors?

Mr. Anastasio. There are 11 members of the board of directors — 
six from the parent companies and five from the outside — outside 
world. 

Mr. Whitfield. And the parent companies would be the Univer- 
sity of California, Bechtel, and who else? 

Mr. Anastasio. BWX Technologies and Washington Group Inter- 
national. 

Mr. Whitfield. Now, what is the Washington Group Inter- 
national? Who is that? 

Mr. Anastasio. I’m sorry. I’m not sure what you mean by that. 

Mr. Whitfield. I’m not familiar with that.

Mr. Anastasio. The president of that is Presray. 

Mr. Whitfield. What is the experience of that company? Where
does that come from? 

Mr. Anastasio. Oh, they are involved, for instance, with the Sa- 
vannah River site. They are a major part of that contract. They are 
at the WIPP site. Those are a couple of places. They have a lot of 
expertise in nuclear — nuclear facility management. 

Mr. Whitfield. But the board is composed of six members from 
those four entities? 

Mr. Anastasio. That’s correct, sir. 

Mr. Whitfield. And then five members outside of those?

Mr. Anastasio. That’s correct. 

Mr. Whitfield. Who selected the board members, the five that 
are outside?

Mr. Anastasio. The six members on the inside from the companies,
yes.

Mr. Whitfield. OK, and those five, what companies do they rep- 
resent? 

Mr. Anastasio. We have one for oversight from 
PricewaterhouseCoopers for financial oversight. We have someone 
from Stanford. We have a former admiral, et cetera. 

Mr. Whitfield. And the board meets how often? 

Mr. Anastasio. The board normally meets quarterly but when- 
ever they need to. So we’ve had quite a number of meetings, both 
formal meetings — but I’m in constant conversation on the tele- 
phone with the key members of the board whenever that’s nec- 
essary. 

Mr. Whitfield. Now my time has expired. I just have one quick 
question. 

As a result of the most recent breach, the 1,500 and some docu- 
ments that were a problem, as the director of Los Alamos, rep- 
resenting the president of the new consortium, would you expect 
that the Government would penalize your company financially for 
that breach? 

Mr. Anastasio. Oh, I certainly understand that part of our fee 
or, ultimately, all of our fee could be at risk for this or any other 
incidents that go on at the laboratory. We understand that very 
well. 

Mr. Whitfield. OK. Thank you. 

Mr. Stupak. The gentlewoman from Colorado. 

Ms. DeGette. Thank you very much, Mr. Chairman. 

Mr. Anastasio, I wanted to follow up on some of the ranking 
member’s questions because you successfully ran Lawrence Liver- 
more for a good number of years, and I’m wondering if you could 
just tell me very briefly what is it that’s so different at this facility. 
You said a minute ago there’s unclear competing policies that are 
applied inconsistently. Are there other things? 

Mr. Anastasio. Certainly things that the ranking member iden- 
tified are issues as well, the fact that it’s physically spread out 

Ms. DeGette. The physical layout. 

Mr. Anastasio. Also, there’s a history at the site of each organi- 
zation having a lot of autonomy to implement the specifics in their 
own work area. All of these things lead to some of these challenges 
that we face. 

Ms. DeGette. How’s the morale out there? 

Mr. Anastasio. Well, the morale of the employees — they are 
really — I think it’s improving. They’ve been through a lot of con- 
troversy over the last years. They understand, because of the con- 
tract competition, that change is happening and it needs to happen, 
and I think they’re very, very committed to their mission. 

Ms. DeGette. Do you think that they’re committed to complying 
with security procedures? 

Mr. Anastasio. I think the employees are very committed to do 
their job very well, including their security responsibilities. 

Ms. DeGette. And is that a change in attitude? Well, you’ve only
been there since June. 

Mr. Anastasio. Yes. I can’t say how much there’s been a change 
in attitude.

Ms. DeGette. I’ll be frank. When we were out there a couple
years ago, when Mr. Barton and I were there, we got the sense 
that part of the problem was that many of these high-level employ- 
ees felt like these were — these security procedures were ridiculous, 
and they didn’t really want to comply. Have you found some of that 
attitude? 

Mr. Anastasio. The attitude I found is, first, a very loyal com- 
mitment to their country and their mission but also a confusion 
about what standard they’re being held to. And so they want to 
comply, but they’re not clear what they’re supposed to 

Ms. DeGette. And this is what you were talking about, the un- 
clear, competing policies applied inconsistently? 

Mr. Anastasio. Yes. And I think one of the things we’re trying 
to do is, as we define the overall goal and policy we want them to 
achieve, we’re trying — we’re involving some of the employees in de- 
veloping the implementation plan. That way, they’re there from the 
beginning. Now, they don’t get the final choice of what that plan 
is, but they’re part of that discussion so they understand why the 
policy is in place and how it’s implemented. 

Ms. DeGette. Right. Let me ask you this. Mr. Friedman said 
that he felt like we should give the agency until June, which would 
be your 1-year anniversary, to fix this. 

Can you fix all of these problems by June, and are you willing 
to commit to that today? 

Mr. Anastasio. I would agree with the deputy director that we 
are off fixing them right now. We have been fixing these problems 
ever since the incident occurred, that we are making progress every 
day. 

Ms. DeGette. OK. My question is can you do it by June, “yes” 
or “no.” 

Mr. Anastasio. I think this is a continuous challenge that we 
have to be on top of every day from now until 

Ms. DeGette. Can you make substantial progress by June? 

Mr. Anastasio. Absolutely, we can make substantial progress by 
June. 

Ms. DeGette. OK. Thanks. I just have a quick question for you, 
Mr. D’Agostino. 

In the binders of this Fiscal Year 2000 Performance Evaluation 
Plan — I’m sure you’re familiar with that plan 

Mr. D’Agostino. Yes, ma’am. 

Ms. DeGette. In part of that plan on page 5 is performance- 
based incentives. We’re a little confused up here. Mr. D’Agostino 
testified about everybody now understands that there are incen- 
tives under this new contract. 

We’re a little concerned about, if we wanted to take some kind 
of punitive action if these problems aren’t fixed, how much we 
could penalize the management by. Is it the entire $73,280,000 or 
some other number of that? 

Maybe you can quickly explain that to me. 

Mr. D’Agostino. Yes, ma’am. Thank you for the opportunity to 
do that. A couple of points. 

The one is there’s the clause I mentioned during my oral testi- 
mony, conditional payment of fee. It puts that whole $73 million at 
risk. 

Ms. DeGette. OK. So, if we wanted to, we could penalize them 
that whole amount? 

Mr. D’Agostino. Yes, ma’am, but there are conditions associated 
with the contract, associated with the level of severity and 

Ms. DeGette. Whose department is that? 

Mr. D’Agostino. I would go through the contracting officer, is 
my 

Ms. DeGette. Who determines the level of severity? 

Mr. D’Agostino. There would be an analysis done. The damage 
assessment, for example, in this particular incident will be looked 
at. If there are further safety and security problems that happen, 
those would get added up into the problem, if you will, when we 
look at fee determination at the end of the fiscal year. 

So what we will do at the end of the fiscal year, which is Septem- 
ber 30 of this year, take a look at the laboratory’s performance not 
only on this particular security incident but on whether there have 
been any safety issues associated with the laboratory, and look at 
whether that conditional payment of fee clause actually applies 
here. 

In addition, your question, ma’am, was referring to this particular 
page which broke down the $70-plus million. There is the 
fixed fee: 30 percent of about $22 million; and the incentive fee. 
Within the incentive fee that you call out “performance-based in- 
centives”. There are very specific measures and deliverables under 
each one of those performance-based incentives 1 through 13. PBI 
No. 5 applies to safeguards and security, which was pointed out 
earlier that, if it’s only $3 million of the whole 70, why is that — 
why should we feel 

Ms. DeGette. Right. So do you think we can only penalize them 
$3 million or $73 million? 

Mr. D’Agostino. No, ma’am. All of the $73 million is at stake. 
I wanted to get to a point. I did spend the first few days of this 
job at Los Alamos last week. I got a chance to see firsthand the 
conditions that we’ve talked about earlier in the hearing. 

Based on that, I directed the manager at the site office, working 
with Mr. Desmond, to reevaluate, and we are unilaterally reevalu- 
ating this fee allocation within this particular plan. So we have two 
approaches, and we will — as I mentioned in my testimony, I’m 
going to make full use of the contract because that is the main tool. 
It is the tool that we should use and will use in order to make sure 
that the message gets across to the contractor. 

Ms. DeGette. OK. 

Mr. D’Agostino. I apologize for taking so long. We are going to 
conduct a reevaluation of this allocation, and we will be working 
with LANS on that reallocation, but if we don’t come to agreement, 
the Federal Government has the ability to unilaterally impose a 
change on this allocation. 

Ms. DeGette. Thank you. 

Mr. Stupak. Mr. Burgess. 

Mr. Burgess. Thank you, Mr. Chairman. 

Mr. D’Agostino, just so I’m clear on this, I think Deputy Sec- 
retary Sell testified that you were the selector in the RFP process 
a little over a year ago; is that correct? 

Mr. D’Agostino. Yes sir, that is correct. 

Mr. Burgess. You mentioned in your testimony about recompet- 
ing the contract. I’m assuming there you were talking about the re- 
competing of the contract that happened a year ago, not a recom- 
pete that’s at some point in the future. 

Mr. D’Agostino. I’m actually referring to a recompete if it should 
come to this point. If it should come to the point where myself as 
the Acting Administrator of the NNSA feels that we have a mate- 
rial breach of the contract or we have a situation where it’s in the 
best interest of the Government, I, as the Administrator, through 
my contracting officer, have an ability to recompete. 

That is not the case right now. I want to make that clear because 
I do believe we don’t have — we don’t have all of the analysis to- 
gether as a result of the current criminal investigation that’s un- 
derway. 

Mr. Burgess. But you do have the ability, then, to recompete the 
contract. 

Mr. D’Agostino. The contract allows me to terminate for cause 
of the existing contract. 

Mr. Burgess. Without waiting the 7 years to do so? 

Mr. D’Agostino. That’s right. Yes, sir. 

Mr. Burgess. Well, let me just ask you a question then. 

We’ve heard all kinds of testimony about the fines levied, wheth- 
er it’s $3 million or $73 million; and $73 million would be a signifi- 
cant fine to levy against the contractor. 

Would they be able to continue in their mission if they were hit 
with that level of fine? Would that damage their ability to provide 
the services, the security that we’re going to demand of them? 

Mr. D’Agostino. I believe that if I were to decide today that I 
wanted to levy, and I had all of the data with me today that it 
would be a bad management decision to make that move right now 
before the fiscal year is over. I have complete faith and confidence 
in Dr. Anastasio. I understand the plans he’s putting in place. He 
does take this seriously. He has taken specific steps. There are ob- 
ligations on the part of the Federal Government as well, and I’m 
making changes on that particular side. But I do believe that it 
would be irresponsible and a bad management move from my years 
of managing organizations, before the fiscal year is actually over, 
to make that decision. 

So, to answer your question, I wouldn’t do it at this point, but 
what’s clear is the fee is an amount of resources that are set aside. 

Mr. Burgess. Well, let me just interrupt you then. 

As far as just the management aspects of it, we had a team that 
was on site for over 60 years. I’m relatively new, but it sounds like, 
on this committee, we’ve been dealing with the same sort of prob- 
lem over and over again. I don’t know whether they’re interrelated 
or not. I’ve got to assume that a laser injury of the eye is not relat- 
ed to the removal of a thumb drive, is not related to the guy get- 
ting beat up at the bar, but still there are all these things that 
keep coming up. 

How good a management decision is it to continue on with the 
same group that has brought you these troubles in the past, and 
should we not have been able to anticipate a subsequent breach because 
of the behavior that at least has been exhibited since 1999? 

Mr. D’Agostino. Sir, I’d like to address that in two ways. One 
is to make sure that it’s clear that the same organization is not 
running this laboratory. It’s clear that the proposal that I re- 
viewed — 

Mr. Burgess. Has the culture actually changed then since the 
awarding of the contract? 

Mr. D’Agostino. I would say I don’t know the answer to that 
question, but here’s what I will 

Mr. Burgess. I hope you find out quickly. 

Mr. D’Agostino. That’s exactly right. 

The LANS executive committee knows. The Executive Board of 
Governors, the executive committee on the board, truly under- 
stands, because I put this in writing, that I don’t believe this is just 
a matter of, well, let’s straighten out our policies and procedures, 
do a couple of checks and follow up, and everything will be all 
right. 

My job as a manager is to set expectations, to man performance 
and then follow up and use the tools that I have. This structure 
actually allows me the opportunity to do that. Never before has the 
Department had this much money on a contract. 

Mr. Burgess. And I hope you have the courage to enforce that. 

Ms. Wilbanks, let me just ask you briefly. You used the word 
“malicious” in your testimony. Did I understand that accurately? 

Ms. Wilbanks. Yes, sir. 

Mr. Burgess. So this person willfully downloaded material, took 
it back to her living quarters. What would be the — if I’m going to 
do something maliciously, presumably I have a reason for doing it. 
Have you explored that? Do we know what that answer is or is 
that still locked up in the FBI report? 

Ms. Wilbanks. I believe it’s part of the FBI investigation, sir. 

Mr. Burgess. And at some point, again, Mr. Chairman, that in- 
formation is going to be shared with us? 

Mr. Anastasio. Mr. Chairman, Congressman, if I could try to an- 
swer that briefly, in all the conversations that I’ve had with the 
FBI, they’ve given me no evidence that anything’s happened be- 
yond taking that material to her home. 

Mr. Burgess. But there must have been some financial incentive 
or wanting to damage someone. I mean you don’t just do something 
like that on a whim, or at least I can’t believe that you would. 

Mr. Anastasio. Certainly, the FBI is the one that can answer 
that in better detail, but what they’ve expressed to me in my vari- 
ety of discussions with them is they have no indication that she did 
anything beyond what was reported in the press. 

Mr. Burgess. But, again, the motive — I mean the laser injury to 
the eye, OK, that was an accident; getting beat up in a bar, that’s 
bad judgment; but taking material from the server back to your liv- 
ing quarters — I mean there’s got to be a reason why someone would 
engage in that type of activity. It was either for sale or to damage 
someone else. But again, we don’t know the answer to that at this 
point. 

Mr. Anastasio. But what we are working hard to do is make 
sure that never happens again. 

Mr. Burgess. And I would very much like an answer as to why 
it happened in the first place. 

Do we get another round? 

Mr. Stupak. We’ll just do one more question or so. 

To get back to the FBI, we talked a little bit off the record there. 
We’ll try to have them come in and give us a briefing, a members’ 
briefing, on the status there to answer some of your questions. 

Mr. Melancon. 

Mr. Melancon. Thank you, Mr. Chairman. 

Mr. Anastasio, you talked earlier about disciplining about 20- 
some-odd people. What were the violations that you disciplined 
them for? 

Mr. Anastasio. We did a very extensive review with a detailed 
look at all the incidents going back to over a year and a half ago 
when this project was first set up. The conditions of security that 
were built into the planning that they did, all the way through the 
activities, up until — up until the recent times, and in that, there 
were a variety of people that were disciplined, either removed from 
their job or other forms of discipline for all of the different sorts 
of things that went on, which were bad judgment on the part of 
employees, bad policies and procedures that were in place and 
things of that nature. 

Mr. Melancon. Can you give me an illustration of what, maybe, 
the worst one was or one of the worst ones? 

Mr. Anastasio. I think the worst problem was the way the secu- 
rity was set up for this particular project. The people who set it up 
actually were trying hard to be very conscious of security, but they 
didn’t — they didn’t make a plan that addressed all of the potential 
risks, and the people that were responsible for that security plan 
in that vault-type room, I think, were the ones that got the most 
severe penalty. And then the second-most, I would say, was the — 
was the cybersecurity team that was responsible for the overall 
policies of the institution. 

Mr. Melancon. Of the 20-some-odd, how many did you fire? 

Mr. Anastasio. Three were removed from their assignments. 
Many of the people who were responsible for this activity were no 
longer in the same assignment when we came on board, so they 
had been moved out of their job for a variety of reasons before we 
even got there, even though they were responsible a year and a 
half ago for — for overall security things. 

Mr. Melancon. Have you been — I don’t know if you’ve been 
there shortly, but has the process been to try and ferret out all of 
these people from as far back — of course, I don’t know how far back 
you go. 

Mr. Anastasio. Yes, we went back to the very beginning when 
the project was set up. We identified all the people who were re- 
sponsible. The organization itself that was responsible at the time 
doesn’t any longer exist. We’ve reorganized, et cetera, but we went 
and identified all of the individuals who have been involved over 
this entire period of time and, again, went through a very detailed 
effort to examine all the issues and who was responsible for them, 
and that led to the 24 different disciplinary actions. 

Mr. Melancon. You ran Lawrence Livermore; is that correct? 

Mr. Anastasio. Yes, sir. 

Mr. Melancon. How many employees are there at Lawrence 
Livermore? 

Mr. Anastasio. Oh, I guess I don’t remember offhand. I’d say 
about 8,000 to 9,000. 

Mr. Melancon. So about two-thirds to three-quarters of what 
you have at 

Mr. Anastasio. That’s approximately right. 

Mr. Melancon. Yes, and there’s not any security problems that 
you experienced there, cyber or otherwise? 

Mr. Anastasio. There were some security problems at Lawrence 
Livermore while I was there. One incident that got quite a lot of 
attention was some security keys that got lost. And the approach 
I’m taking to the incidence here is the same I took there, which is 
to act very quickly and decisively, to find out those who were re- 
sponsible and make sure that they’re properly held accountable, 
and to go build a system that addresses the issues. And I would 
say — I’d defer to others, but I’ve been told that Lawrence Liver- 
more now has the model security program for keys in the complex, 
and in fact, the lab goes around and briefs the other sites on the 
lessons learned and how to do a better job. So I think we responded 
very decisively there, and that’s been my intent to do here at Los 
Alamos. 

Mr. Melancon. Yes. I guess the thing that I’m having problems 
getting my arms around is that this country — of course, I guess, 
when you look at Homeland Security, maybe we really do have a 
problem, but it’s not at your level. But when you look at the secu- 
rity that is provided in this country and other places by our Gov- 
ernment, why is there not some type of guideline, some type of pro- 
gram that we can model after? I mean this is — are we making it 
up as we go when we brought these new contractors in? 

Mr. Anastasio. Well, certainly, there’s an element that’s very 
clear on how to do this that has the behavioral issues involved, 
that has issues of policies and procedures, infrastructure that we’ve 
talked about, how big is your infrastructure, et cetera. But there’s 
another piece which I think is a very large challenge for the coun- 
try and us at the laboratory, which is the advance of technology. 

The last time the laboratory reviewed its policies — and we could 
argue they should have done it much sooner — these little memory 
stick, thumb drives were not in common usage, and yet now that 
they are, it’s quite obvious what a risk they are for security. And 
so what’s going to be the challenge we have 2 years from now is 
we really need to develop a system in place that’s robust against 
the future advancement of technology so we don’t have to fix it 
after the fact like we’re doing now. And that’s the plan we’re off 
doing. 

Now, I would argue that, as one of the previous witnesses has 
testified, there are a lot of nefarious people out there who are very 
sophisticated who are always looking to get access, and that also 
concerns me very much. And finding a way to defend ourselves 
from those kinds of attacks as well as the kind we’re talking about 
here is a deep concern to me. 

Mr. Melancon. Thank you, sir. 

My time has expired. 

Mr. Stupak. We’ll move quickly and see if any members have 
further follow-up. There’s been some expression of wanting to follow 
up. If I may, just two questions. 

Mr. Anastasio, you indicated the thumb drives — when that 
cybersecurity was done, thumb drives weren’t in use, but if you’ll 
look after January 2005, after they shut down the lab for a while, 
five out of 14 points dealt with cybersecurity, dealt with the fact 
that these things are accessible. So I would suggest that maybe a 
good place to start for security is go back and look — after we shut 
down the lab that cost $350 million, that we look at the rec- 
ommendations that were made and implement those procedures. 

Mr. Anastasio. I can’t speak to exactly what happened during — 
during that shutdown and why they did it. 

I can say that we have looked at and have, in fact, developed 
plans for all the issues that came up associated with that shut- 
down, and the corrective actions in place. We have a very effective 
system in place now to keep track of those about who’s responsible 
to 

Mr. Stupak. Sure, but in Mr. Melancon’s answer, you said the 
last time you had a security review like that, thumb drives weren’t 
being used. They were certainly in use in 2005 and long before 
that. 

Mr. Anastasio. Yes, sir, and I guess what I was — maybe to be 
clearer, the policies that the laboratory has for cybersecurity were 
not changed to be cognizant of the new technology that was avail- 
able, and that was a mistake on the laboratory’s part, and we’re 
all fixing that. 

Mr. Stupak. Ms. Wilbanks, I was asking you some questions 
about the cybersecurity and the computer systems, and I’ll ask you 
the same thing. Had you reviewed the 2004 — or after the 2004 re- 
port — recommendations made, and you indicated that there wasn’t 
much in there about cybersecurity, but yet five of the 14 rec- 
ommendations deal with cybersecurity. In fact, as you are the Chief 
Information Officer, it even states — and I’m looking at the January 
2005 memo. It says that the Office of Chief Information Officer is 
leading the effort to implement a cybersecurity enhancement plan 
to protect the confidentiality, integrity and availability of all DOE 
information systems. 

So you certainly, as the Chief Information Officer, have a huge 
role to play in shoring up all the classified and unclassified sys- 
tems, including cyber; is that correct? 

Ms. Wilbanks. Yes, sir. 

Mr. Stupak. OK, and with that, Mr. Whitfield. 

Mr. Whitfield. Thank you, Mr. Chairman. 

Just a couple more questions. 

Mr. Anastasio, what is — do you have a policy on whistleblowers? 

Mr. Anastasio. Yes, sir, we do. 

Mr. Whitfield. OK, and I’m assuming you encourage 

Mr. Anastasio. Absolutely. And we have a number of mechanisms 
in place to allow anybody at the laboratory who has a con- 
cern that they feel they can’t discuss with their line management, 
they had, as a confidentiality process, a separate group of people 
to — to — we also have an ombudsman program. We have a variety 
of mechanisms that employees have available to them. 

Mr. Whitfield. OK, and then as a result of the deputy lab direc- 
tor announcing his retirement, which basically was in violation of 
the contract, the contract administrator or contracting officer, 
Edwin Wilmot, wrote a letter to you on December 6, requesting a 
briefing on what steps you all intended to take to ensure the reten- 
tion of all key personnel. 

Now, have you all had that briefing yet or 

Mr. Anastasio. I have not formally responded to his letter, but 
he and I, in fact, just last week talked about this very subject on 
the phone, and I gave him an update, and he requested me to send 
him some more information which I promised to do right after this 
hearing. 

Mr. Whitfield. OK. And then just one other comment. Ms. 
DeGette’s questions made me think of this a little bit. 

The base contract, Mr. D’Agostino, is $1.5 billion to $2 billion; is 
that correct, roughly? 

Mr. D’Agostino. It’s roughly $2 billion, sir. 

Mr. Whitfield. And that’s basically for managing the site? 

Mr. D’Agostino. That’s right. It’s for managing the site. There’s 
a fee element associated with that. That’s right. 

Mr. Whitfield. And then, on top of that, we have a $73 million 
pool that can be given for extraordinary performance or incentives 
or whatever; is that correct? 

Mr. D’Agostino. As a subset, sir, not on top. It’s roughly $2 bil- 
lion. It depends on how much work we allocate to Los Alamos Na- 
tional Laboratory and the amount of work they have. The labora- 
tory gets its resources from a number of different areas within the 
Department and across the Federal Government. About 60 percent 
of it, maybe closer to 70 percent of it, actually comes from the 
NNSA. Probably about 15 percent of it comes from other elements 
of the Department of Energy, and about 15 percent comes from 
what we call “work for others,” which is work for other Federal 
agencies, the Department of Defense and other intelligence agen- 
cies. 

Mr. Whitfield. But the $1.5 billion to $2 billion, that actually 
is paid to the M&O contract holder? 

Mr. D’Agostino. Right. That’s the sum total of that text that I 
just described to you earlier, and the fee element is essentially an 
indirect charge that we allow the laboratory and part of its man- 
agement to make it an allowable cost, and it’s set aside in a specific 
account within the indirect pool, so it’s not in addition to on top 
of, sir. 

Mr. Whitfield. OK. 

Mr. Anastasio. Excuse me, Congressman, but that $2 billion is 
to execute work. That’s well 

Mr. Whitfield. OK. 

Mr. Anastasio. That’s well defined by Congress and by the De- 
partment that here’s a set of work activities for us to go and do. 

Mr. Whitfield. OK. Thank you. 

Mr. Stupak. Ms. DeGette, any follow-up? 

Ms. DeGette. Ms. Wilbanks, when I was at the facility in 2004, 
we were told that all of these ports were going to be secured then. 
And then in your testimony today, you said that since this incident, 
you’ve secured all USB ports at all NNSA sites and are reviewing 
all cybersecurity plans to ensure that they address the specific 
risks for the system. This type of incident, the undetected transfer 
of classified information to a portable device, could no longer occur 
at any NNSA site. 

I guess my great frustration here and, I think, the frustration of 
the rest of the committee is that we keep trying to close the barn 
door after the horse escapes. Mr. Anastasio says, well, now we’re 
drug testing the employees before they get through the security 
system. Now you’re in here saying that the ports have been se- 
cured. 

Why didn’t that happen before this incident? If we knew the 
problem existed several years ago, why didn’t it happen? 

Ms. Wilbanks. I did not come to the Department of Energy until 
the end of October 2004, so I can’t speak to the comment that was 
made before I was there. 

I can tell you that the ports have been in the process of being 
closed, and the sites have been working on it. I don’t have any 
other 

Ms. DeGette. It took 2 1/2 years to do that? 

Ms. Wilbanks. I don’t know, ma’am. 

Ms. DeGette. OK. When did you say you came? 

Ms. Wilbanks. October 31st, 2004. 

Ms. DeGette. OK. So that was right after we were there, and 
so when you came, and then in October of this year, that was 2 
years, and the ports still weren’t closed in that time, right? 

Ms. Wilbanks. Yes, ma’am. There was no policy or procedure in 
place to require the port closure. It was not identified as a high 
risk is my assumption. 

Ms. DeGette. OK. So, if we were told — you would have no 
knowledge — so no one told you that that was a high priority? 

Ms. Wilbanks. No, ma’am. I was not aware of it. 

Ms. DeGette. OK. See, that’s why we’re so frustrated is because, 
when we were there earlier that year, we were told that that was 
a high priority. 

I guess this is what you’re talking about, Mr. Anastasio, about 
the unclear competing policies. 

Thanks. This is what they secure it with, this JB Weld. 

Ms. Wilbanks. Yes, ma’am. 

Ms. DeGette. So how would that take 2 years? Because it wasn’t 
a high priority, I guess. 

Ms. Wilbanks. That would be my answer, ma’am. 

Ms. DeGette. I’ll yield to you, Mr. Stupak, for the JB Weld ques- 
tion. 

Mr. Stupak. Thanks for yielding. 

I mean, wouldn’t you anticipate — if you’re security experts, 
wouldn’t you anticipate that someone’s going to take a thumb drive 
and put it in these computers? 

Ms. Wilbanks. No, sir. She was in a classified environment that 
only cleared 

Mr. Stupak. No. No. No. I’m not saying this lady. 

You’ve got 25,000 computers out there that you say contain sen- 
sitive information. If anyone can just take a thumb drive — and I 
think Mr. Friedman held it up earlier and said you could take two 
file cabinets full of information off of it — wouldn’t you so-called “security 
experts” think of that? I mean someone thought of it in ’04 
and told us when we were out there. That’s the part that’s baffling. 



I yield back. 

Ms. DeGette. I just think, Mr. Anastasio, that you really have 
a job ahead of you, and I hope that you and your team can do that 
job because I don’t think there’s very long for that to happen before 
we do take really drastic changes. We’ve been sitting here for 8 
years doing this, and this is a perfect — drug testing is another ex- 
ample. I’m assuming at Lawrence Livermore and at other labs that 
drug testing for high-level security clearances is pro forma, 
wouldn’t it be? 

Mr. Anastasio. There was not a policy for drug testing at Law- 
rence Livermore when I was there. We have a requirement for cer- 
tain specific activities, the handling of nuclear material, for exam- 
ple, that the Department requires us to have a drug testing pro- 
gram for, and of course those are in place all across all the sites. 

What I’ve done at Los Alamos is to say that, actually, I’m going 
to have drug testing for all employees whether they have a top- 
level security clearance or not. 

Ms. DeGette. And just 

Mr. Anastasio. For anybody who comes to work at my site, I 
won’t stand for people using illegal drugs. 

Ms. DeGette. Well, that’s good. But even under the previous 
standards, this gal who was cleared probably shouldn’t have had 
that level of security clearance, wouldn’t you agree? 

Mr. Anastasio. I can’t speak to that. I don’t know. I don’t know 
all the background that she had and that led to her — the decision 
about the clearance. 

Ms. DeGette. Thank you. 

Thank you. I yield back. 

Mr. Stupak. Mr. Burgess. 

Mr. Burgess. Thank you. And Mr. Anastasio, it just seems in- 
credible that we will drug test our athletes. In fact, we’ve had hear- 
ings in this very room about that. We’ll drug test our athletes, and 
we’re not drug testing at Lawrence Livermore. I don’t see that as 
good information. 

Mr. Pyke, let me ask you a question. 

The designation of an “official use only” document, what would 
be the reason to designate something as “official use only”? Would 
that mean that we shouldn’t be distributing it, say, around in this 
room for everyone to look at? 

Mr. Pyke. My understanding is that the “official use only” des- 
ignation is given when someone has reason to believe there’s sensitive 
information in there that should not be disseminated 
broadly. 

Mr. Burgess. Then, of course, you’re aware that one of our staff 
members this morning downloaded a document from your Web site 
that’s marked “official use only”. 

Mr. Pyke. His report to me, late morning, is very disturbing to 
me, and in fact, I would appreciate it very much — he reported 
something similar last year, and I’m told that our staff went out 
and assured that the offending material had been taken down immediately, 
that very day, off of the Web. I gave directions right 
after I heard from him this morning that if, in fact, that information 
is still on the Web, that it be taken down immediately. 

We have a clear directive to the Department that not only is 
OUO and other sensitive, unclassified information not to be placed 
on the Web, to say nothing of classified information not to be 
placed on the Web, but there is to be a process in place to ensure 
regular monitoring of Web sites to ensure that such information 
has not crept onto the Web by mistake or otherwise. 

Mr. Burgess. Or otherwise. With all of the talk that we’ve had 
this morning, you do have to worry about the “otherwise”. Fortunately 
for you, I’m not smart enough to understand what I’m holding 
in front of me. I don’t know that I can say the same about the 
staff member who downloaded it, and if it’s not off the Web site, 
I do encourage that you do that. 

Just as a final thought on everything we’ve been talking about 
this morning, I hope we don’t focus on so much the individual 
worker at Los Alamos, the person who may have given in to a mo- 
ment of human frailty, but we really have to put those procedures 
and the culture in place that just does not allow this to happen in 
the future. And heaven help us all if we’re back here doing this 
same thing in 6 months’ time. 

I yield back, Mr. Chairman. 

Mr. Stupak. OK. Our witnesses, nothing else? 

OK. Well, thank you and you’re excused. 

We will go into executive session in 2218, Room 2218, in 15 min- 
utes, 2:05, Mr. Friedman, Mr. Podonsky and Deputy Secretary Sell, 
if you would, please. 

This record will remain open for 30 days. If members have ques- 
tions they’d like to submit to any of the witnesses, that record will 
remain open for 30 days for those questions. 

[Whereupon, at 1:51 p.m., the subcommittee proceeded in execu- 
tive session in room 2218.] 

[Material submitted for inclusion in the record follows:] 

Introduction 

Chairman Stupak, Ranking Member Whitfield, and members of the 
Subcommittee, I appreciate the opportunity to appear before you this morning. 

My name is Michael Anastasio, and I am the Director of Los Alamos 
National Laboratory in New Mexico as well as President of Los Alamos National 
Security, LLC. I have served in this capacity since June 1, 2006, when Los Alamos 
National Security, or “LANS”, began operating the Laboratory under a new management 
contract, following more than 60 years of management by the previous contractor. 
Although I am new to Los Alamos, I have served our country for more than two decades 
working in the national security arena at Lawrence Livermore National Laboratory in 
California where I served as Laboratory Director prior to my arrival at Los Alamos. 

I came to Los Alamos because it is an institution that is vital to the 
national security of our country. From ensuring the safety and reliability of our nuclear 
weapons stockpile to developing solutions to help combat nuclear terrorism or for energy 
security, the people at Los Alamos are a unique national scientific and engineering 
resource. It is this science and engineering talent that made my decision to go to Los 
Alamos easy when I was asked to lead the LANS bid team almost two years ago. 

The same is true for my management team who decided to join me in 
bringing their experience and expertise to the Laboratory. Likewise, the four parent 
companies that comprise LANS have a demonstrated record of experience and 
accomplishment throughout the Nuclear Weapons Complex and commercial industry. 

As we move forward addressing operational challenges, we have focused on aggressively 
implementing systematic corrections that are fully integrated with behaviora. 
It is my belief that many of the past problems at Los Alamos were never 
fully rectified. Many corrective actions were formulated and implemented at the local 
organizational level, without clear and consistent implementation across the entire 
Laboratory. That approach continues to leave the Laboratory vulnerable to the 
reoccurrence of security problems that are the basis for this hearing. A highly 
experienced management team is applying institution-wide standards through an 
integrated management philosophy. Coupled with oversight by and reach back to our 
LANS parent organizations, we have and will continue to address those problems in a 
manner that engages and holds employees accountable at all levels of management in the 
very serious business of national security. 

Mr. Chairman, shortly after LANS took over management, Los Alamos 
National Laboratory suffered what I consider to be a very serious security breach. I am 
deeply troubled that a subcontract employee with a high level security clearance willfully 
circumvented DOE and Laboratory policies and procedures and removed classified 
material. I am equally concerned that we had inadequate management systems that failed 
to prevent this security failure. Both my Board of Governors and I directed an immediate 
series of actions to attack this incident that included: 

• cooperating completely with Department of Justice and Department of Energy 
investigations triggered by this serious event; 

• bringing in independent external security expertise from the LANS parent 
organizations to assist me in thoroughly understanding and responding to this 
incident; 

• eliminating, disabling, and controlling high risk ports on our classified computer 
networks; and 

• accelerating the review and modification of our physical and cyber security 
policies and procedures. 
The immediate actions that were initiated helped stabilize the uncertainty 
surrounding this incident which then allowed me to focus on the accountability aspect of 
what occurred. 

Later in my testimony, I will describe in detail the specifics regarding 
accountability for this incident over and above the ongoing law enforcement action being 
taken in connection with the subcontractor employee who removed classified 
information. In summary, I personally evaluated the acts or failures to act that directly or 
indirectly contributed to this incident and found three key failures: 

• failure of the escorts to properly perform their duties by maintaining 100% visual 
and auditory control over the subcontractor employee; 

• failure to limit the subcontractor employee’s physical access to only that hardware 
essential for her to complete her task; and 

• failure to uniformly address risks posed by open USB ports in both classified and 
classified/unclassified mixed environments. 

In the following sections I will discuss these and other factors and how we 
are addressing these issues through corrective actions. 

I have held 24 employees accountable for individual failure to fully 
execute assigned responsibilities which contributed, directly or indirectly, to this security 
violation. I also ordered the termination of all Laboratory subcontracts with the company 
that employed the individual who removed classified information. However, holding 
these individuals accountable will not in itself provide me with an adequate path forward, 
because as we have seen in the past at Los Alamos, just dealing with poor employee 
behaviors in isolation did not sufficiently address the underlying problems. Our path 
forward will be to break down local control of the policy and procedure process and to 
make sure that all employees follow a common set of goals and expectations related to 
security and safety that apply across the nearly 40 square miles of laboratories and 
facilities that we manage as Los Alamos National Laboratory. 

Completing such a shift cannot be accomplished quickly. However, 
LANS is bringing a completely different approach to management and oversight that we 
believe will work. There is oversight by the Board, as well as resources through the 
parent organizations, that are a great asset to me and my efforts. Having these additional 
resources, an expert management team, and a clear understanding of what has not worked 
in the past gives me the unique opportunity to effectuate successful change at the 
Laboratory. Moreover, the Board is committed to assisting me by importing best 
practices and seasoned personnel from their successful operations at other DOE sites. 

LANS Approach to Enhanced Security 

As the leader of the LANS team, I am acutely aware, as is my Board of 
Governors, that the Laboratory management contract was placed out for bid in large 
measure because of past security and safety incidents. It was this understanding, 
confirmed by what we were able to learn during the transition process, which caused me 
to take immediate actions to begin the enhancement of our general security posture when 
I took over as Director on June 1, 2006. At that time I created a Chief Security Officer 
position that reports directly to me, elevated the head of safeguards and security to the 
level of Associate Director, and created a more clearly defined accountability structure 
for cyber security. 

Additionally, I split the highly classified Dynamic Experimentation (DX) 
Division into two separate divisions to decrease the span of control and to increase 
managerial oversight. I also installed completely new leaders into each element of the 
new organization. I took these actions because DX Division had a history of safety and 
security problems that I dealt with by planning actions during transition and acting on 
them on day one of contract assumption (June 2006). 

We started that process during transition and expected it would continue 
well into the first year of our contract management. During transition, we became aware 
that there were problems in the cyber security operations, the majority of which centered 
on a lack of consistent policies and procedures, uneven adherence to physical security 
procedures, and a lack of adequate funding to substantially complete our diskless 
computing project. 

The Department of Energy’s Inspector General indicated that the “root 
cause” of this incident was inappropriate actions of an insider. I agree with this 
assessment but it is only part of the story. The fact that a subcontract employee was able 
to commit this act without detection confirmed one of my primary concerns. This 
incident exposed a problem not only involving employees' attention and attitude, but also 
the Laboratory’s reliance on a very complex and confusing set of cyber security policies 
and procedures that made it difficult for the employees to make good, immediate 
judgment calls. 

It is evident that in this current incident many judgment calls were 
incorrect. This will result, as I mentioned earlier, in my holding twenty-four Laboratory 
employees accountable for their mistakes. Yet a significant contributing factor, and one I 
considered in determining an appropriate response to these mistakes, was our failure to 
provide these employees with clear, current, and effective policies, procedures and 
training that enabled them to comply with requirements while getting their jobs done. 
Are We Really Different? 

At the time of the contract award, LANS immediately implemented self- 
governance oversight as described in our proposal to NNSA. Our implementation of the 
parent organization oversight function consists of the Board of Governors and its 
Committees; parent organization functional management assessments; and AIM (Assess, 
Improve and Modernize) teams. 

As Laboratory Director, I report directly to an independent, very actively 
involved Board of Governors, established by the four LANS parent companies (Bechtel 
National, the University of California, BWX Technologies, and Washington Group 
International). This Board has access to the substantial technical, management and 
operations expertise of those organizations, including security expertise, which we have 
already drawn upon. The Board was originally created with six committees and as a 
result of this security incident, the Board has created a new seventh committee, the 
Committee on Safeguards and Security. The newly formed Committee of the Board of 
Governors will focus solely on oversight of Safeguards and Security, including cyber 
security, and will report directly to the Board Vice Chairman. By creating this new 
Committee, LANS has elevated the urgency of oversight and accountability for security 
activities. 

The LANS governance structure was created to capitalize on the 
individual strengths of the partners, further strengthened through the involvement of 
outside experts in areas relevant to the Laboratory’s operations. The Board has eleven 
governors, six from the member organizations, who collectively comprise the Executive 
Committee, and five independent expert members. 
Functional assessments are performed in all areas of the Laboratory and 
are conducted by parent organization experts from corporate offices and other DOE and 
NNSA sites managed by the parent companies, as well as other subject matter expert 
consultants. These teams of external experts are a critical element of our oversight and a 
significant departure from how oversight was conducted in the past at Los Alamos 
National Laboratory. 

Another category of oversight is in the form of what were referred to in 
our contract proposal as Assess, Improve and Modernize or “AIM” Teams. AIM Teams 
will assess and improve critical areas of concern, such as those identified in the area of 
cyber security. AIM Teams, which have been used successfully by the LANS industrial 
partners at other sites, will generally come from outside the Laboratory - from the parent 
organizations and other DOE and NNSA sites managed by the parent companies. These 
AIM Teams are a critical method for ensuring that corrective actions are implemented 
effectively and ensure that the Laboratory is staying ahead of the ever changing risk 
environment. In fact, as explained below, an AIM team was dispatched soon after the 
recent security incident. 

Summary of the Incident 

On October 17, 2006, while serving a search warrant related to a drug 
investigation, officers of the Los Alamos County Police Department seized three 
computer “thumb drives” from the Los Alamos residence of a former Laboratory 
subcontractor employee. These are the sort of tiny memory devices that can be carried on 
a key chain. Another resident of the trailer was the target of the drug investigation. 
Two days later, on October 19, 2006, the Police Department discovered on 
one of the thumb drives a document with classified markings. The police immediately 
referred the matter to our Laboratory’s associate directorate of safeguards and security, 
which assumed custody of the thumb drives. Our review of the thumb drives revealed 
that they contained numerous Laboratory documents some of which were marked as 
classified. 

The Los Alamos Site Office of the NNSA authorized the Laboratory to 
notify the Federal Bureau of Investigation (FBI), which on October 19, 2006, assumed 
responsibility for the investigation. The next evening, the FBI searched the subcontractor 
employee’s residence and seized a tote bag containing 228 sheets of printed paper, some 
bearing classified markings. The person targeted by the drug investigation said that the 
documents and thumb drives belonged to the subcontractor employee. 

A complete review of the contents of the thumb drives and the tote bag 
revealed copies of Laboratory documents, some of which are classified documents, which 
we determined to have originated in a vault-type room in the Laboratory’s Dynamic and 
Energetic Materials Division (one of two new divisions created from the reorganization 
of DX division). 

At the time of the incident, the subcontractor employee held a Q-level 
security clearance, which was issued to her by the Department of Energy. For a year, 
from August 31, 2005 until August 31, 2006, the subcontractor employee scanned and 
indexed documents in the vault-type room as part of a project to preserve and archive old 
technical documents. For that assignment, she received appropriate training and 
acknowledged security requirements of the applicable security plan for the vault in which 
she worked. 

The subcontractor employee had previously worked at Los Alamos as a 
student from June 5, 2001, until April 29, 2005, when she voluntarily left her student 
position and began working for a subcontractor to the Laboratory. From April 2005 until 
September 2005, she trained with that subcontractor and archived classified documents 
for a different Laboratory organization prior to moving to the scanning operation at issue. 
We have no evidence that she acted inappropriately during any of her earlier work 
assignments at the Laboratory. 

A Laboratory-led team of experts, including nuclear weapons experts, 
conducted a preliminary damage assessment of the information that was found on the 
thumb drive and elsewhere at the trailer. I am more than willing to discuss the details of 
the assessment with you in a closed forum, but am unable to address those issues in an 
open forum due to security concerns. 

The FBI conducted a forensic study of both the thumb drive and the work 
stations in the vault-type room where the subcontractor employee worked. This review 
revealed that the thumb drive was inserted into a work station, that a large print job was 
sent electronically to the vault printer adjacent to her work area at 2:00 p.m. that same 
day, and that the thumb drive was removed from the same work station at a later date. 
Forensics could not provide other details such as the number of times the thumb drive 
was inserted and removed during that period. 

The FBI has met with the subcontractor employee on two separate 
occasions and it is our understanding that the FBI intends to conduct additional follow-up 
interviews. We anticipate that the FBI will share relevant information regarding their 
investigation which would be relevant to our security enhancements. 

We also understand that the subcontractor employee stated that her 
motivation for removing the classified media and documents was to help meet a work 
deadline that she was behind in fulfilling. Forensic analysis conducted to date is 
consistent with this claim. 

Since the incident on October 17, 2006, we have worked closely with the 
DOE, the Los Alamos Site Office of the NNSA, the Los Alamos Police Department, and 
the FBI to share information, examine forensic evidence, and conduct personnel 
interviews. The extraordinary level of collaboration between these agencies allowed us 
to quickly grasp the scope of the problem, take effective immediate corrective actions, 
and pinpoint the most serious security policies in need of urgent work. 

Cyber & Physical Security Corrective Actions: Immediate and Longer-Term 

Following notification of the incident, I quickly directed a series of short-term 
precautionary actions within the Laboratory, based on the limited information that 
we had at the time. These included: 

• halting all classified scanning activities; 

• reviewing and enhancing the policy prohibiting the introduction into security 
areas of non-government owned memory devices (such as iPods, camera memory 
cards, and thumb drives); 

• reviewing and enhancing policies and procedures relating to escorting and 
operations in vault-type rooms; and 

• physically disabling all unnecessary high risk computer ports. 

After my team had more time to analyze the incident, I instituted a 
comprehensive and long-term set of actions related to cyber security. As a starting point, 
I assigned a group of key managers to evaluate issues associated with the immediate steps 
taken to date and to develop policies and procedures that are sustainable in the long-term. 

Disabling Classified Computer Ports 

I directed Laboratory managers to ensure that the ability to download 
classified material to unauthorized devices had been physically disabled. Although many 
of our ports in classified computing work areas have been disabled using software, we 
added an additional security layer by physically disabling more than 5,800 USB ports and 
more than 1,400 fire wire ports. Furthering our efforts, we have recently identified other 
ports, subject to the most recent DOE cyber security guidance, and have taken steps to 
eliminate, disable, control or severely limit and manage access to those ports. 

Suspended Classified Scanning Activities 

Also, as I mentioned earlier, we temporarily suspended all classified 
scanning activities. During this pause, I ordered a detailed evaluation of the policies and 
procedures governing all scanning activities prior to each activity being restarted. We are 
not aware of any similar problems or issues with the other scanning activities. 

Review Subcontractor Security 

To ensure proper communication about, and compliance with, security 
procedures among our subcontractor workers, I directed the Laboratory’s procurement 
organization to conduct a review of all subcontracts to ensure that required security 
provisions had been properly flowed down. In addition, I directed the Laboratory’s 
procurement organization to meet with representatives from Laboratory subcontract 
companies to ensure a common understanding of security requirements and expectations. 
The Laboratory’s procurement organization instituted an ongoing process to verify that 
contract companies are aware of and in compliance with security related contractual 
requirements, such as the creation and implementation of compliant Operational Security, 
or OPSEC, plans. 

Security Escorts 

In addition, we scrutinized the policies and procedures for escorting 
workers and visitors and for the operation of vault-type rooms to ensure there are clear 
directions in place for all Laboratory employees providing access to these secure areas. 
For example, revised escort policies now require an escort to search the belongings of the 
person he or she is escorting prior to entering and exiting a vault-type room. In addition, 
escort/security plans are now required in instances where an individual will be escorted 
for more than ten days. These policies will continue to be reviewed and enhanced to 
ensure that they contain clear requirements so that employees may fully understand what 
is expected of them. 

Employee Training and Communications 

The Laboratory is also reviewing and will enhance its training and overall 
communications to ensure security requirements are clearly understood by all employees 
and that issues are elevated to and addressed by management. To that end, I asked each 
employee to personally review cyber security and physical security plans and procedures 
for their work areas and provide feedback through their management chain for 
appropriate action. 
New Cyber Security Organization 

I determined that the current organizational structure for cyber security 
was inadequate and lacked sufficient functional integration needed to manage the 
complex cyber issues at Los Alamos. For this reason, I created a new cyber security 
office charged with integrating and streamlining our cyber security policies and 
procedures, integrating implementation of those policies and procedures across the 
Laboratory, formally validating compliance with those policies and procedures, 
coordinating what types of technologies will be approved for configuration into our 
existing systems, and developing an emerging technology risk program. Each of these 
areas are critical for the Laboratory to develop a high fidelity cyber security program 
appropriate to the unique challenges of operations at the Laboratory and responsive to 
new technologies that may pose risks to our systems in the future. 

Increased Physical Searches 

Preventing this type of incident poses physical security challenges as well. 
I directed that the Laboratory security force enhance our physical search procedures. We 
increased the average number of employee searches to more than 100 per day. It was 
important to step up physical searches as an added deterrent. These random searches will 
complement the new escort search requirement for classified vaults and will help us in 
detecting those individuals who might attempt to repeat the actions associated with this 
security incident. 

Enhanced Drug Testing Policy 

As a result of the many reviews this incident has produced, I also decided 
to accelerate the planned enhancements to our existing substance abuse policies. I 
enhanced the drug testing policy for all Laboratory direct employees and onsite 
subcontractors. All new employees and onsite subcontractor employees will be subjected 
to drug screening prior to being hired. Initially, I have directed that we randomly screen 
a minimum of 20% of the entire workforce (badged employees and onsite subcontractor 
employees) on an annual basis. 

Accountability 

Termination of Subcontractor Contracts 

As identified by the various internal and external investigators assigned to 
this matter, the root cause of this security incident was the willful violation of policies 
and procedures by a subcontractor employee. The subcontractor employee was laid off 
by her employer at the completion of the scanning project and before her misconduct was 
discovered. I also ordered the termination of all Laboratory subcontracts with the 
company that employed her. Further, I instructed the Laboratory’s Human Resources 
Division and Security Division, working with the local NNSA office, to ensure that the 
subcontractor employee does not gain access to Laboratory property either as a direct 
employee or subcontractor. 

Employee Disciplinary Actions 

With respect to Laboratory employees, the disciplinary measures I have 
imposed are a direct result of a series of security system weaknesses and procedural 
violations that culminated in a failure to prevent or detect the subcontractor employee’s 
unacceptable behavior. 

Disciplinary actions included the removal of three employees from their 
cyber security management positions. Both the security responsible line manager and the 
project manager received written reprimands and unpaid two week suspensions. In 
addition, seven other Laboratory employees received written reprimands and eight 
received written counseling. For five of my most senior managers, I utilized a guidance 
tool that was very effective during my tenure at Lawrence Livermore National 
Laboratory. This tool, a Memorandum of Expectations, clearly outlines my security 
expectations of them and addresses their roles and responsibilities related to their 
individual corrective action plans for physical and cyber security. 

The twenty-four personnel actions I executed are commensurate with the 
security violations that occurred. I also know that both my team and I are ultimately 
personally responsible for ensuring that lapses like this do not reoccur. That is the same 
message that the LANS Board of Governors has also delivered to me personally. They 
also provided these assurances to the Secretary of Energy as well. It is a message that we 
all understand. 

LANS Commitment 

As I have said before, the Laboratory’s long string of security lapses was a 
significant consideration in the Government’s decision to re-bid the management contract 
at the Laboratory. I can assure you that I am quite aware of the fact that I and my team 
will be judged against how able we are to address the underlying causes and failures that 
lead to this type of incident at the Laboratory. We all understood through the bid, 
transition, and managerial assumption process that the Laboratory was in significant need 
of change across all its operational areas, but in particular security. 

When we bid on the Los Alamos contract, the LANS team believed that 
most operations at the Laboratory, and in particular security, were being hampered by 
enormous spans of control, a lack of coordinated and integrated policies and procedures, 
rapid advance in technology-driven security risks, and a workforce that had become 
focused on compliance rather than proactively “owning” solutions themselves. 

When we formulated our management plan and structure during the bid 
and transition process, we did not look to create anything overly complicated because we 
believed that what was needed more than anything else was clarity and simplicity. Our 
original plan envisioned a one-year timeframe during which we would develop 
comprehensive and integrated operating procedures that would then be flowed down 
through all the Laboratory’s organizations, and we were hard at work executing that plan 
when this incident occurred. 

Solution and Path Forward 

From my meetings with several of you and with Subcommittee staff, I 
know that, very understandably, there is a strong desire for a big, dramatic — even 
revolutionary — change to fix the problems, security and otherwise, at Los Alamos. I will 
tell you, however, that I do not believe that such a silver bullet exists. 

When the LANS team evaluated and bid on the contract, we concluded 
that what we were inheriting was a great Laboratory with brilliant minds, but an 
organization that had grown up in secrecy and necessary compartmentalization. As a 
result, LANL became a less cohesive laboratory and more a set of independent 
organizations, each with its own manner of operations and expectations. 

Clear Lines of Management Authority 

Our solution to this — which I do believe is revolutionary within the 
confines of the Laboratory, and has not been done previously — is to put in place clear 
lines of authority, the right leadership, manageable spans of control, and involvement of 
workers in implementing security and safety in their workplace. All these steps integrate 
separate organizations into an institution that can work even more effectively as a team to 
solve the nation’s national security challenges. Said another way, I have described a 
“shared fate” that includes myself, as Laboratory Director, through all levels of the 
workforce, and including the community to make the great strides expected of us for the 
benefit of the nation. 

To ensure that all levels of the Laboratory receive and understand what is 
being asked of them, I am utilizing my new management team to ensure proper 
communication. This is an approach that worked for me as Director of Lawrence 
Livermore National Laboratory. At Los Alamos National Laboratory, my senior 
managers now are able to better focus on their areas of responsibility and I am now better 
positioned to hold my entire team accountable. 

Continue the Walk 

While there is no immediate panacea, the actions LANS is currently taking 
and initiatives I have put in motion will put the Laboratory in a position where it can 
better anticipate risk and prevent incidents. I have concluded that we need to vigorously 
attack this issue on five fronts: processes and policies, organization, infrastructure, tools, 
and people. 

Interim Cyber-Security Organization 

I have said much about the ambiguity of policies, roles and 
responsibilities, and the disparate implementation of same. I am committed to resolving 
those issues. I have formed an interim cyber security organization that centrally aligns 
cyber security policy and implementation responsibilities in one organization that reports 
to me. For the long term, my Chief Security Officer will recommend to me a permanent 
“steady state” organization that optimizes the Laboratory’s information architecture and 
systems in a manner that best promotes integration with the mission and physical security 
requirements. 

In developing such recommendations, the Chief Security Officer will take 
into account the findings and recommendations of the Office of Inspector General’s 
Special Report to the Secretary as well as the observations and recommendations of the 
LANS Board of Governor’s review which utilized a team of experts from the LANS 
parent companies. Aside from the implementation of a new cyber security organization, 
the Laboratory has carefully considered all Office of Inspector General and Board of 
Governors’ recommendations and is implementing corrective actions that are aligned 
with recent guidance on cyber security from the Deputy Secretary of Energy. 

The expected outcomes of the interim cyber security organization and, 
ultimately, the permanent organization are as follows: 

• roles and responsibilities are clearly defined; 

• policies are compliant with DOE requirements; 

• policies are implemented in a consistent manner by line management with worker 
involvement; 

• certification and self assessment of implementation are centralized at the 
institutional level and not left to individual organizations; and 

• cyber security implementation is integrated with other security requirements. 

Compliance with Recent DOE Cyber Security Guidance 

I believe that the recent guidance from the Deputy Secretary of Energy 
will help drive Los Alamos and other DOE sites to advance engineered fixes and 
anticipate emerging technological risks. On January 26, 2007, a federal audit team 
reported that “after a 100 percent review and validation, all LANL vaults and vault type 
rooms have me[t] the requirements for enhanced port controls on classified computers per 
the DOE Deputy Secretary’s memorandum of November 8, 2007.” Our initial efforts, 
which were launched in advance of the specific guidance, did not sufficiently encompass 
the broad array of computer ports in the LANL work environment. Through hard effort 
by my management team and the efforts of our dedicated workforce, we now comply 
with the guidance. I view this as a solid foundation from which to build sustained 
compliance and continuous improvement. 

Outside Cyber Security Experts 

Clearly, the organizations tasked with responsibility for cyber security and 
our employees need to be equipped with the best available tools to counter security risks. 
To that end, I have tasked my Chief Security Officer to formulate a team of outside 
industry and government cyber security experts who are conducting an examination and 
evaluation of technology evolution for the purpose of better anticipating and minimizing 
future cyber security risks. That team will recommend to me a strategy and approach for 
staying ahead of such technological risks that also face the Nation as a whole. 

I am mindful that less than carefully considered “fixes” can have 
unintended consequences. At a complex laboratory such as Los Alamos, this is not a 
trivial matter. The information technology environment is perhaps the most dynamic 
management challenge to the Laboratory since it is inexorably coupled to the productivity 
and health of the Laboratory. An obvious lesson learned from this particular security 
incident is that cyber security must be an integral part of the Information Technology (IT) 
environment as information architecture evolves--that is, cyber security must be a design 
criteria for new systems, as opposed to being retrofitted after the fact. 

Vault Type Room (VTR) Security Pilot 

I am currently planning a pilot project to develop and demonstrate our 
concept, including the configuration of our vault type rooms. This approach will enable 
us to apply the best ideas and closely monitor the results in a test environment before 
applying them Laboratory-wide. 

The concept, which we call the “Super VTR Concept”, is built on several 
key features that address the five thrusts I discussed earlier—processes and policies, 
organization, infrastructure, tools, and people. 

First, we will consolidate and uniformly control the use of classified 
information while using technology to efficiently and effectively enable authorized, 
programmatic access. The consolidation will address a major challenge to cyber security 
at Los Alamos, which is the large number of vault type rooms distributed across the 
Laboratory. 

Second, the Super VTR will build upon the significant investment by the 
Laboratory in the Red Network expansion project that provides ubiquitous classified 
network access from individual work stations to the Super VTR. Third, the Super VTR 
will be designed to accommodate the broad scope of classified information that the 
Laboratory utilizes in the performance of its work. 

Fourth, the Super VTR will have additional cyber and physical security 
requirements designed into its operation. Fifth, the Super VTR will be staffed with a 
cadre of trained, professional security staff who report to a central organization in support 
of the programs that utilize the VTR. In addition, we will monitor “culture” issues by 
monitoring human performance through the use of modern management systems and 
metrics. 

The Super VTR pilot will serve as a platform from which to launch the 
Laboratory from a base of competent and compliant cyber security operations to a new 
environment for secure cyber security operations. That new environment will be at the 
leading edge helping to define the future and not just react to it. 

Performance Based Leadership 

To raise the bar across the Laboratory, the LANS team brought with it 
Performance Based Leadership which is a systematic approach to coaching and cascading 
management values through all levels of management. My team has been trained in this 
approach and I have accelerated the schedule so that we will have completed all levels of 
management by the end of this Fiscal Year. To be credible leaders, my entire 
management team must model the values and expectations that are expected from the 
workforce. 

Other Initiatives 

The LANS team is embarked on other initiatives to implement best 
industry practices to improve all aspects of operational performance. One of these 
initiatives, Human Performance Improvement (HPI), draws directly from success in the 
nuclear power industry, which dramatically reduced the number and severity of adverse 
events through a better understanding of human fallibility. Developed by the Institute of 
Nuclear Power Operations (INPO) and now successfully implemented in a number of 
private-sector applications, HPI focuses on developing systems and processes that 
minimize the incidence of human error and mitigate the consequences of error when it 
inevitably occurs. As discussed above in the context of the Super VTR concept, I will 
utilize HPI in the management of this critical pilot. 

Let me briefly elaborate on that concept. Systems such as procedures, 
policies, equipment operation, and organizational structures have the equivalent potential 
to provoke human error as to eliminate or mitigate the consequence of error. Therefore, 
the management of these systems requires a two-fold approach: (1) identifying and 
correcting weaknesses in systems that provoke error; and (2) building robust and 
redundant defenses within systems to mitigate against human fallibility. 

It is my intent to utilize the Super VTR pilot to introduce error precursor 
measures that help management anticipate potential issues and, more importantly, help 
employees succeed by eliminating or modifying error prone policies, processes, and 
systems. 

Conclusion 

To conclude, I want to reiterate the high degree of rigor, resolution, and 
urgency that are typical of this team since the beginning of transition. We knew we had 
problems to address at the Laboratory, and we are engaged in both determining the true 
depth of those problems, and mitigating them in a timely manner. This incident 
highlighted the need to move even more aggressively. I regret that time did not permit us 
to be sufficiently mature in our cyber security posture to prevent this incident. However, 
I am proud of the effort we have brought to bear and the results we have achieved to date 
in response to this incident. We took immediate action to close potential security gaps as 
quickly as possible. I also want to raise this caution: we are aggressively reducing 
security risks, but we cannot guarantee zero risk as that would necessarily prevent us 
from performing our mission. 

All of us who care deeply about national security must continue to work 
together to both protect our nation’s most sensitive secrets and allow our nation’s best 
scientists to do their essential work for our future. If I can leave you with one message 
- it would be that the LANS parent organizations, the LANS Board of Governors, my 
leadership team and I will do all within our power to make the Laboratory the model and 
standard for security and safety excellence within DOE/NNSA while consistently 
reaching for world class research and scientific excellence. 

I also would like to emphasize to you today the dedication of our 
employees to the crucial national security work of the Laboratory. The only way to truly 
understand what we do is to come and visit the site. I would like to personally extend an 
invitation to each of you to visit the Laboratory and to meet our employees who are 
dedicated to certifying our nation’s nuclear weapons, meeting the challenges posed by 
weapons of mass destruction, and conducting research in energy, biology, and 
environmental science to address national priorities. 

Mr. Chairman and Members of the Subcommittee, I ask that my full 
remarks be entered into the record, and I would be happy to answer any questions. 

Thank you. 

Answers to Submitted Questions 

Please identify exactly how many classified computers there are at Los 
Alamos National Laboratory (LANL). Please also describe in how many dif- 
ferent locations these computers reside, and how many computers have 
open Universal Serial Bus (USB) or firewire ports. Please describe why 
each computer is essential and whether there are opportunities to reduce 
and consolidate the number of classified computers. 

The Los Alamos National Laboratory occupies 43 separate technical areas spread 
across an approximate 40-square-mile site. When Director Anastasio testified in 
January, we reported an inventory of 3,310 classified systems, 2,990 (89 percent) of 
which were networked and 320 (11 percent) were non-networked. Of the networked 
systems, 430 were servers and 2,560 were user systems. The non-networked systems 
consisted of 240 desktop systems and 80 laptop systems. Non-networked systems 
are generally utilized in areas where classified network connections are not avail- 
able or to address information protection requirements. Laptop systems are needed 
for experiments conducted in remote regions of the LANL site and to which data 
acquisition equipment must often be transported, and also are an essential compo- 
nent for nuclear emergency response activities. When not in use, the non-networked 
laptop systems are protected as accountable CREM by storing them in a classified 
media library. 

As of the time of this response, LANL has 2,912 classified systems, of which 2,653 
(91 percent) are networked computers and 259 (9 percent) are non-networked. Of 
the networked systems, 450 are servers, and 2,203 are user systems. The non- 
networked systems include 64 laptops, 198 desktops, and seven custom experi- 
mental devices. The reduction is due both to conscious decisions made to reduce the 
total number of systems (for instance 94 non-networked systems were decommis- 
sioned in the first quarter of this year) and changes in our programmatic activities 
and their associated needs for classified computing. 

Only seven of Los Alamos’s 43 technical areas house classified networked comput- 
ers. Sixty percent of our networked classified computers are located in a single tech- 
nical area. Twenty-seven percent are located in two other technical areas and the 
remaining systems are found at four other technical areas. Non-networked systems 
are found at 14 technical areas; 50 percent at a single technical area, seven percent 
at another technical area, and the remaining systems are scattered between the 
other 12 technical areas. Nine of the 14 technical areas do not house any networked 
computers. Twelve classified media libraries currently store the non-networked clas- 
sified laptops when they are not in use. 

All classified computing is performed in security areas. 

As with the above reductions made in the number of classified systems, LANL has 
also made major changes in the control of USB and firewire ports since the time 
of the incident last Fall. Currently, there are no "open" USB or firewire ports on 
classified systems (with the exception of systems used by the nuclear emergency re- 
sponse teams, which constitute a very small percentage of Los Alamos’ total classi- 
fied computing resources). All USB and firewire ports have been protected by one 
or more methods that have been approved by the NNSA Los Alamos Site Office. 

The number of computers at LANL varies with changes in our programmatic ef- 
forts. Expenditures for classified computers, as with other equipment, are appro- 
priately justified based on programmatic need. Specific discussion about why each 
program requires the specific computers supporting it would render this response 
classified. In general, the classified computers at LANL support the following areas: 

• Nuclear weapons design 

• Stockpile stewardship 

• Pit production 

• Homeland security and threat reduction 

• Nuclear emergency response 

• Intelligence community support 

LANL is taking a number of actions to further reduce risks. For instance, LANL 
is emphasizing standardizing the types of systems used, networking as many of 
those as possible to permit consistent system administration, reducing accountable 
CREM, monitoring computer activity, and consolidating locations where such serv- 
ices as classified printing, media generation, and matter storage are available to im- 
prove the control of system output mechanisms. As an example, the Super VTR pro- 
totype is expected to eliminate at least six other vault-type rooms and five classified 
media libraries. 

Please identify exactly how many classified security areas there are at 
LANL. Please describe why each classified security area is essential and 
whether there are opportunities to reduce and consolidate the number of 
classified security areas. 

Currently there are 1,372 distinct and separate buildings where classified activi- 
ties occur and where the appropriate levels of security are provided. These 1,372 
buildings are located within 108 “Security Areas,” each enclosed by security fences 
and access gates. Each building/area where a classified activity occurs has a unique 
significance relative to national security that is mission-specific to those locations. 
The majority of these buildings contain classified repositories that reduce the neces- 
sity and frequency (and resultant risk) of transporting classified documents/mate- 
rials between locations. 

We are continuing our comprehensive review of locations and holdings to ensure 
this number is reduced to the absolute minimum consistent with operational re- 
quirements. 

Please identify exactly how many classified vaults there are at LANL. 
Please describe why each classified vault is essential and whether there 
are opportunities to reduce and consolidate the number of classified 
vaults. 

There are currently 129 Vaults and Vault Type Rooms at LANL. Of that, 11 of 
those facilities are true vaults. Each Vault or Vault Type Room has a unique signifi- 
cance relative to national security that is mission-specific to the location. Since Octo- 
ber 1, 2006 LANL has embarked on a continuing process to consolidate and reduce 
the number of these types of facilities. Since then, LANL has successfully reduced 
the number of Vaults and Vault Type Rooms from 142 to 129 using the following 
criteria: 

• Wherever possible and when programmatic compartmentalization responsibil- 
ities allow, remove classified material and consolidate into existing Vaults and Vault 
Type Rooms. 

• In cases where aging infrastructure make compliance with physical security 
standards and maintenance of intrusion detection systems cost prohibitive, classified 
assets are to be consolidated into newer, compliant Vaults and Vault Type Rooms. 

• Those existing Vaults and Vault Type Rooms that only house classified comput- 
ing infrastructure like server racks and networking systems hardware are to be 
given a priority for review for consolidation and reduction. 

• LANS is piloting a Super Vault Type Room project where similar classified proc- 
essing activities are to be consolidated into a single facility. The first Super VTR 
will combine at least six Vault Type Rooms into one. As funding becomes available 
for additional Super VTRs, additional consolidation will be possible. 

These efforts are ongoing and should lead to future further reductions in the num- 
ber of Vaults and Vault Type Rooms at LANL. To put our efforts in context with 
the DOE complex, Lawrence Livermore National Laboratory, Sandia National Lab- 
oratory and the Pantex Plant currently manage over 200 Vaults and Vault Type 
Rooms each. 

Thank you for inviting me to testify today. I am Danielle Brian, Executive Director of the 
Project On Government Oversight (POGO), an independent nonprofit that investigates and 
exposes corruption and other misconduct in order to achieve a more accountable federal 
government. We have been investigating and exposing security failures in the nuclear weapons 
complex since 2001 and have issued three reports on the topic so far: The U.S. Nuclear Weapons 
Complex: Security at Risk in 2001, The U.S. Nuclear Weapons Complex: Homeland Security 
Opportunities in 2005, and The U.S. Nuclear Weapons Complex: Y-12 and Oak Ridge National 
Laboratory at High Risk in 2006. 

After the Wen Ho Lee debacle of the late 1990s, a brand new, semi-autonomous National 
Nuclear Security Administration (NNSA) was created to improve security - and in particular 
cyber-security - in the nuclear weapons complex. Despite the creation of this agency, security 
failures continued to plague the complex. Of primary concern has been the Los Alamos National 
Laboratory. Many people, including those of us at POGO, believed the consistently poor 
performance in security at the Lab was because the same contractor, the University of California 
(UC), had been running Los Alamos for 60 years without fear of losing its contract - no matter 
how badly it ran the Lab. There was no incentive to do things well. Finally, after much pressure 
from this Committee and others, then-Energy Secretary Spencer Abraham announced that he 
would compete the contract. On December 21, 2005, Secretary Samuel Bodman announced that 
the UC / Bechtel team had won the contract to run the Los Alamos Lab. At the time, many 
doubted that this team was anything more than the same old UC in new clothing. However, 
Secretary Bodman stated: 

I cannot stress enough . . . that this is a new contract, with a new team, marking a new 
approach to management at Los Alamos. It is not a continuation of the previous contract. 
That is how our Department views the situation from this point forward. . . . There has 
been quite a bit of turmoil and uncertainty over the last few years. Today’s announcement 
is designed to relegate that tumult to the past, and to usher in a new era of invaluable, 
cutting-edge science at Los Alamos. So this is a good decision for the men and women 
who make up this lab. And let me take this opportunity to mention that this evening, 
Ambassador Brooks will be flying to New Mexico, 

Yet, here we are just over one year later and Ambassador Linton Brooks has been asked 
to resign; our nation’s secrets have been mishandled by Los Alamos - again; and the suspicions 
of many were fulfilled: Nothing has really changed at Los Alamos after all. In fact, I fear things 
may actually be getting worse. Not only has NNSA failed to correct security issues, but the 
agency has determined that it wants even less oversight of Los Alamos and has implemented a 
new pilot program in which oversight has been handed over to the contractor itself. 

Since 2001, when POGO began investigating the security of the Nuclear Weapons 
Complex, there have been at least seven instances in which classified information was 
mishandled at Los Alamos. Classified computer disks have gone missing; computers that may 
have contained classified information somehow disappeared from Lab property, either having 
been stolen or lost; classified information has been transmitted through unsecured emails; and the 
list goes on. A cyber-security episode has occurred, on average, nearly once a year since POGO 
began its investigation. And all these instances occurred after the infamous episode of the two 
missing hard drives, which contained highly classified, Sigma-14 Nuclear Emergency Search 
Team (NEST) data and which were later discovered with all the fingerprints wiped away behind 
a Xerox machine. 

Now, in the most recent incident, a subcontractor employee freely took over 200 pages of 
hard-copy classified documents and over 400 classified documents on flash drives to her home, 
which she shared with a drug dealer.¹ This could only have happened if there was a complete 
collapse of multiple supervisory and security systems. It was only by happenstance that she was 
caught, not because an effective security system was in place. We never would have known about 
this security breach if it hadn’t been for a domestic disturbance. Furthermore, we have no way of 
knowing how many other instances like this are out there but have flown below the radar. It is 
important to remember that NNSA attempted to keep this incident secret from Congress and the 
public, until POGO learned about it eight days after a local police raid. 

As a side-note, if media reports and statements by investigators are accurate, this most 
recent case points to extraordinary failures in the personnel security clearance process, in 
addition to cyber-security failures at the Lab. However, given that this case is still under 
investigation, we don’t believe it is appropriate to discuss the security clearance process in a 
public session. Furthermore, it is only since this incident that Lab management is recommending 
that Los Alamos employees be subjected to drug testing, which I understand is very controversial 
at the Lab. How could it have taken so long to take such a basic step? Even my 16 year-old son 
had to take a drug test to work at Target, where he straightens up the ketchup bottles. 

After the most recent security incident at the Lab, a cyber-security audit was launched. 
According to a Lab email, which I would like to submit for the record, “As a result of the 
preliminary findings of [the Cyber Security] audit, LANL has agreed to suspend all non-essential 
classified computing activities for at least the next 48 hours by the close of business today.” This 
is not the first time security failures have significantly impacted operations at the Lab. 

¹ “Nuclear lab’s security scrutinized,” CNN, October 26, 2006, 
http://www.cnn.com/2006/US/10/26/los-alamos/index.html; “Drug Raid Yields Los Alamos Documents,” by Lara 
Jakes Jordan, Associated Press Writer, October 25, 2006, 
http://www.sfgate.com/cgi-bin/article.cgi?f=/n/a/2006/10/24/national/w162852D72.DTL; “New Details Emerge In 
Los Alamos Case: Top Nuke Lab Data Leak Apparently Discovered During Drug Bust; Officials Search For Ties,” 
CBS News, October 25, 2006, http://www.cbsnews.com/stories/2006/10/24/national/main2122004.shtml. 

In 2000, shortly before leaving office, then-Secretary Bill Richardson announced the 
complex was going “media-less” or “disk-less,” so that there would no longer be Classified 
Removable Electronic Media (CREM) to be lost or stolen. The labs ignored the order. In May 
2004, then-Secretary Abraham announced that the complex was going to a disk-less system. 
Again, the labs ignored the order. Then, two months later after yet another mishandling of 
classified media, Abraham shut down all classified operations at Los Alamos for over eight 
months. This closure cascaded around the complex and, in total, cost the taxpayer over $500 
million because the contractor continued to get paid while little or no work was accomplished 
over those months. UC was not penalised for this, and it is unclear what, if any, costs were 
disallowed during this period. Instead, UC was re-awarded the contract. And after all that time 
and money, flash drives are being discovered in trailer park meth labs. 

I suspect Secretary Bodman will soon be announcing a new initiative to solve cyber- 
security problems, and I am sure he is genuine in his belief that his directives will fix the 
problem. But those of us who have been around for a while have reason to be skeptical. 

CYBER-SECURITY IS NOT THE ONLY PROBLEM AT LOS ALAMOS 

In addition to cyber-security failures, Los Alamos continues to suffer from safety 
problems. Recent safety incidents include: a post-doctoral student was shot in the eye with a 
laser; two workers were forced to work in an area where acid was burning their lungs; a hose 
came loose in a glove box at TA-55, seriously contaminating several workers with highly 
carcinogenic plutonium; a worker was contaminated with americium, and went on to 
contaminate houses and cars in four states costing over one million dollars to clean up; and the 
plutonium facility was forced to shut down for over a month when it was discovered that the 
sprinkler heads in the fire suppression system had been non-functional for years because they had 
been painted over, costing $6 million to replace them. At the time, DOE also discovered that the 
contractor, the University of California, had never tested the fire hoses in the plutonium facility. 
Despite these and other examples that demonstrate how the Lab minimizes the value of safety 
and security requirements, NNSA has rewarded the Lab with decreased supervision through the 
self-policing pilot program. 

In addition to mishandling our country’s nuclear secrets and repeated safety violations, 
Los Alamos has also been the home of a litany of corruption and misconduct. Many of you were 
on the subcommittee that heard the testimony of two top security officials at Los Alamos, Glenn 
Walp and Steve Doran. They described uncovering crimes ranging from petty theft to organized 
fraud, and the Lab’s active efforts to conceal this misconduct. As thanks for their good work, 
Walp and Doran were fired and escorted off the property by armed guards. As you may recall, a 
number of Lab officials were fired over misconduct surrounding the Walp and Doran revelations, 
and others were sent to prison. What you may not know is that after the furor died down, a 
number of those individuals were either re-hired or given huge payouts from the Lab. This is 
clear evidence of a culture that punishes those who raise concerns and protects those who 
“protect” the Lab from scrutiny. 

Auditors at Los Alamos also continue to come to POGO with serious concerns about the 
auditing and investigations functions at the Lab. Because these functions have been so pared 
down, and because the contractor has the ability to control and limit access to cost and pricing 
data, there are no honest, independent reviews to determine how the $2.2 billion that taxpayers 
give to Los Alamos annually is spent. In December 2005, the DOE Inspector General supported 
the claims of whistleblowers, stating their allegations "had merit because our results were similar 
and Los Alamos officials acknowledged that internal control weaknesses existed . . ."² Yet, 
rather than being rewarded for their diligence, the whistleblowers were given no work for years 
and treated as though they themselves were the problem. 


² Assessment of Changes to the Internal Control Structure and their Impact on the Allowability of Costs 
Claimed by and Reimbursed to Los Alamos National Laboratory under Department of Energy Contract No. W-7405-ENG-36, 
Audit Report Number: OAS-V-06-07, U.S. Department of Energy Office of the Inspector General, 
December 25, 2005. 

LOS ALAMOS IS NOT THE ONLY PROBLEM IN THE COMPLEX 


It is important to remember that Los Alamos is a big problem, but also that it is not the 
only problem in the nuclear weapons complex. Senator Chuck Grassley (R-IA) has been 
performing aggressive oversight of security failures at the Sandia National Lab for several years, 
but those failures are beginning to raise their ugly heads again. Alarms are allegedly being turned 
off - apparently to make it easier for guards to sleep. At Pantex, where hundreds of nuclear 
weapons are stored and dismantled, significant safety breakdowns have been identified by the 
Defense Nuclear Facilities Safety Board, yet DOE has done little to address these concerns. 
NNSA has imposed two fines for safety, the higher for almost $124,000, but this is a slap on the 
wrist for the contractor given the $30 million award fee. At Los Alamos and Y-12, where over 
400 tons of highly enriched uranium are stored, DOE has waived until 2011 the requirement that 
the sites meet security standards (the Design Basis Threat). 

And at the moment, the contract to operate Lawrence Livermore Lab is up for 
competition. It appears, however, that this competition may be in name only: The same 
contractor that currently operates Livermore - UC - is poised to get the contract again. In 2006, 
then-House Appropriations Subcommittee on Energy and Water Chairman David Hobson wrote 
of his concerns, and I ask that the entire letter be entered into the record: 


I am very disappointed with the results of the contract competitions that the Department 
has conducted to date. ... I have had potential competitors inform me that their 
companies will not invest the time, effort, and expense to prepare a proposal for the 
Livermore contract because they believe that the Department is determined to award the 
Livermore contract to the University of California. ... In mandating competition, it was 
the intent of Congress to attract the widest possible group of interested bidders to bring in 
fresh ideas and new talent to support the Department's mission. Unfortunately, the 
Department of Energy’s national laboratories are not viewed as a competitive 
marketplace but as a playground for political patronage. The Department of Energy has 
resisted moving in the direction of fair and open competitive processes. Unfortunately, 
the Department has insisted on using the flawed Los Alamos competition as a model for 
the competition for the Livermore contract, which telegraphed to the contractor 
community that innovative ideas and concepts would not be favorably received. . . . We 
need a procurement process that fosters greater competition, not a process that essentially 
guarantees the status quo. 

LOS ALAMOS AS THE BAD CHILD 

Despite these other sites that also urgently need addressing, Los Alamos sticks out as the 
bad child. Why? 

There is a joke around the complex that goes something like this: The Secretary of Energy 
tells the three national labs to jump. Sandia asks how high, Livermore makes an excuse for why 
it’s too busy to jump, and Los Alamos asks who the Secretary of Energy is. Los Alamos sticks 
out as the bad child because of its consistent and utter disregard for federal oversight. 

At this rate, we can all schedule next year’s hearing right now, given the likelihood that 
we'll still be discussing problems at Los Alamos unless the entire incentive system is reversed. 

RECOMMENDATIONS 

Secretary Bodman sent a strong message earlier this month when he asked NNSA 
Administrator Brooks to step down. He made it clear he was serious and wanted change. But 
getting a new Administrator is not enough: There needs to be an upheaval in the current system 
of incentives. 

First, there needs to be a renewed commitment to independent federal oversight from the 
Department of Energy. In its current state, the Site Office is non-functional. There are apparently 
over twenty vacant federal positions in that office. Fewer than a handful of qualified security and 
safety federal experts are charged with overseeing about 15,000 contractor employees over a 40 
square-mile area. 

This problem was highlighted by both the Mies and Chiles Commissions. In response,
NNSA compounded the problem: rather than beefing up the Los Alamos Site Office, NNSA
starved it and turned much of its oversight authority over to the contractor. The proper solution
would be to install a robust team of qualified safety and security personnel who are empowered
to oversee and enforce contractual requirements - and who are rewarded for doing so. This
means NNSA Headquarters needs to make it a priority to fund these efforts, and to promote 
federal employees who are thorough in their work. 

You also have before you today two men who have collectively issued hundreds, or even 
thousands, of recommendations for improving security and safety at the labs - DOE Inspector
General Greg Friedman and Director of the Department of Health, Safety and Security (HSS) 
Glenn Podonsky. Yet no one is held responsible at NNSA for implementing their 
recommendations. Why do we keep asking the Inspector General and HSS to investigate and 
audit these sites if their recommendations fall on deaf ears? The problems we are discussing
today are far from new. In fact, they are infuriatingly familiar. 

Inspector General Friedman has offered twelve detailed recommendations for computer
security, as well as a number of recommendations to improve the personnel security clearance
process, in the most recent Los Alamos case alone.^ Officials at NNSA or Los Alamos should be
held accountable if these recommendations are not implemented, or at least be forced to present a
convincing argument to justify why they have not done so.

^ Selected Controls Over Classified Information at the Los Alamos National Laboratory, Special Inquiry
Report to the Secretary. Audit Number OAS-SK-07-01. U.S. Department of Energy Office of Inspector General.
November, 2006.

In addition to creating an incentive for federal overseers to do their jobs, we also need to
make Lab officials feel the consequences when there are failures. The surest way of doing so is to
hit the contractor’s pocketbook. The problem is that the current fee structure does not reflect the
importance of both safety and security. Of the $51 million on the table for FY 07, currently only
about $3 million of that amount is tied to security. Fortunately, that small percentage of the fee -
6% - is not set in stone and should certainly be revisited and dramatically increased. The
Performance Incentive Fee should be recalculated and equally weighted to reflect the equal
importance of accomplishing the mission, ensuring security, and doing so safely. Currently,
completing the program is vastly more valued than having strong safety and security systems -
even though failures in safety and security have repeatedly and adversely affected programs.
Those incentives should be changed. At the very least, it is clear that DOE should cut the
Performance Incentive Fee for the most recent security debacle at Los Alamos.

Another tool that should be utilized is the cost-reimbursement nature of the Los Alamos 
contract. HSS Director Podonsky currently has a team of investigators at Los Alamos focusing on 
enforcing the Price-Anderson Act and trying to determine whether or not to assess a penalty for
failure to uphold security standards. Historically, such penalties have generally been small in 
comparison to the fees the contractors receive, and therefore create little incentive for 
improvement. This is an opportunity to show the Lab how seriously the government takes safety 
and security: DOE should disallow costs associated with Los Alamos’ failure to perform 
adequately. 

POGO also recommends that the “at will” employment provision at Los Alamos be 
changed. This type of employment creates a clear disincentive for Lab employees who try to raise 
concerns: if an employee is the bearer of bad news to management, the employee can be fired 
“at-will.” Having seen this scenario play out repeatedly over the last few years, it is no wonder 
that problems fester until they explode. There is no incentive for the employees to step forward 
given the tenuous nature of their employment. Furthermore, although this “at will” employment 
policy is not in effect at Livermore, the employee union is very concerned it might be imposed on
them if UC wins the contract competition. 

Another recommendation is for Congress to audit the missions currently being conducted 
at Los Alamos. Few people on Capitol Hill are aware of the various missions being performed
there. Is the disparate nature of the Lab’s work making it harder to maintain excellence in safety
and security? Is the science being conducted reflecting the Congress’ sense of the most urgent
priorities that could be tackled by these scientists? For decades, Los Alamos has operated as a
sacred cow with no serious oversight. I hope this is the beginning of a new era.

In closing, I would like to alert you to the fact that DOE will soon be submitting a request
for $150 billion to fund a wildly ambitious project to revamp the nuclear weapons complex,
known as Complex 2030, which will include creating the capacity to produce 125 new warheads
per year. This Reliable Replacement Warhead (RRW) is envisioned to be a new and “more
usable” nuclear warhead. Over the past decade, despite hearing after hearing, report after report,
commission after commission, the complex has been unable to fix the egregious security and 
safety failures that have plagued it. There is no reason to believe that the situation will improve 
under this new plan. Before any funding for further expansion is approved, the security of the 
current complex and the safety of its workers must be ensured. 

>>To: Derek Dinwiddie <derekd@lanl.gov>, "James L. Tingey" <jtingey@lanl.gov>,
>>    "M. E. Pansoy-Hjelvik" <meph@lanl.gov>,
>>    "Keith W. Fife" <kfife@lanl.gov>,
>>    "Tammy M. Domingi^" <tammy@lanl.gov>
>>Cc: "Thomas J. Lex" <tlex@lanl.gov>
>>Subject: Suspension of all Classified Computing Activities
>>From: Shean Monahan <spm@lanl.gov>
>>Date: Wed, 10 Jan 2007 13:52:47 -0700
>>X-Mailer: Apple Mail (2.752.2)
>>X-PMX-Version: 4.7.1.128075
>>
>>Derek, Jim, Lisa, and Keith
>>
>>I just got off a conference call with Bob McQuinn concerning the Cyber
>>Security audit that was suspended last night.
>>
>>As a result of the preliminary findings of that audit, LANL has agreed to
>>suspend all non-essential classified computing activities for at least
>>the next 48 hours by the close of business today. The definition of
>>"non-essential" has been left to the system owners to determine. However,
>>Bob McQuinn's guidance is simply to suspend all activities, and if you
>>believe certain classified computing activities are essential that you
>>need to make the case to him and get agreement prior to continuing.
>>Classified computing associated with MCA/Safety concerns/Regulatory
>>compliance have a stronger chance of being allowed to continue, as
>>opposed to programmatic needs. Again the status of the AD-NHHO must be
>>determined by COB today.
>>
>>Shean Monahan
>>Nuclear Criticality Safety
>>Phone: 5-7567
>>Pager: 4-1013
>>spm@lanl.gov
>>
>
>Tom Lex
>Safety Basis Director
>6-2269

Statement of Thomas P. D’Agostino
Acting Administrator
and
Deputy Administrator for Defense Programs
National Nuclear Security Administration 
U.S. Department of Energy 
Before the 

House Committee on Energy & Commerce 
Subcommittee on Oversight & Investigations 

January 30, 2007 


My name is Thomas P. D’Agostino. I am the Acting Administrator of the 
National Nuclear Security Administration (NNSA), within the U.S. Department of 
Energy (DOE), a position I have held since January 20, 2007, upon the resignation of 
Ambassador Linton F. Brooks. I realize that one of the primary reasons I am in this
position is because of the Secretary of Energy’s dissatisfaction with progress in 
management and security issues, notably related to Los Alamos National Laboratory 
(LANL). 

Let me be clear, all options for both penalties and motivation are under 
consideration with LANL. This is not an academic exercise with a nominal fee at 
stake — the maximum available annual fee for operating LANL, with safety and security 
as key factors, is over $70 million. The majority of LANS’s fee is at risk as is their 
ability to earn additional award terms. The combination of award fee and award term are 
powerful incentives on performance and I intend to fully utilize these in managing the 
contractor. The Department is conducting a review of the incident to determine whether 
a Notice of Violation will be issued. Finally, the contract has a clause called
“Conditional Payment of Fee, Profit, and Incentives.” This clause allows for the
complete elimination of fee in the event of a serious safety or security event that results in 
the loss of life or grave and irrecoverable harm to the security of the United States. 

I am serious about my new responsibility for security across the nuclear weapons 
complex. In fact, my first two days on the job as Acting Administrator were spent in 
New Mexico at LANL and the Los Alamos Site Office (LASO) to get a first hand, 
upfront and personal appreciation of the issues and to talk with the people responsible for 
implementing improvements. I was at the Site Office to see the staff and personally 
explain my recent decision to reassign the Site Office Manager, Ed Wilmot. In Mr. 
Wilmot’s place, I have directed one of the Department’s most experienced Site Office 
Managers, Mr. Dan Glenn from the Pantex Site Office in Amarillo, Texas, to serve as the
Acting LASO Manager until a permanent replacement is found. Mr. Glenn has extensive
safety and security experience at one of our most sensitive facilities; in fact, Pantex is the
only NNSA facility where we have complete nuclear weapons on-site. LANL is also a
unique place with some of the world’s best science and most sensitive information, and I
will support LASO with the best team to continue to drive improvements and make sure 
we are getting the job done. 

On January 3, 2007, I notified the LANS Board of Governors Executive
Committee that I was calling the Executive Committee to Washington, D.C. that
following week. On January 10, I met with the Executive Committee and told them of
my concern in how they have handled the current security incident at LANL. The
Secretary, Deputy Secretary, NNSA Administrator, and LASO Manager joined me to
emphasize the seriousness of the situation. In the coming months I will be routinely
meeting with members of the Executive Committee to hear how they will improve the
security culture at LANL. Additionally, I have asked the Chairman of the Board of 
Governors, Mr. Gerald L. Parsky, to call the Secretary on a regular basis to update him 
personally on actions that the Board was taking to reach back to the corporate parents to 
support improvements at the laboratory. 

Make no doubt about this — if the current laboratory management is unable or 
unwilling to change the security culture at LANL, I will use every management tool
available to me, consistent with the terms of the LANL contract, including recompeting 
the contract if necessary. 

All NNSA security functions, with the exception of cyber security, are 
consolidated under the NNSA Associate Administrator for Defense Nuclear Security. All 
NNSA cyber security issues are consolidated under the NNSA Chief Information Officer, 
who reports to the NNSA Associate Administrator for Management and Administration. 

With respect to the current issue of security at Los Alamos, let me assure you that 
NNSA is committed to the security of our nuclear weapons, nuclear material, and 
classified matter and it has taken significant steps to improve security since its inception. 
Neither NNSA nor I take any breach of security lightly. 



The nature of our classified operations is complex, but the elements of good 
security are not. Good information security entails clear rules, strong controls, testing 
and validating, which provides for a credible deterrence. Personnel security clearances 
determine who gets access to classified information. Building and security area access
controls provide high confidence that people going in and out of classified work areas are 
authorized to be there. Information security controls work to ensure only people with a 
need to know have access to the information. 

While these controls help set the foundation for a good security program, the 
system must also provide deterrence against violation of the rules and controls; a high 
probability for the discovery of security violations; and strong sanctions for willful or 
negligent violations. While we expect that security-cleared employees will abide by 
security rules because they understand and value good security, the system must also 
provide credible deterrence against intentional or inadvertent violations of the system of 
rules and controls. Searches and work area spot checks help ensure the system is 
operating as designed across all levels of the operation. We must continue to strengthen 
these activities. Specifically, LANL has strengthened its security escort requirements and 
more clearly specified the expectations and requirements for their escort program. LANL 
has also increased the number of inspections of personnel entering, working in, and 
exiting security areas and has conducted nearly 5,000 additional inspections since this
incident came to light. 


While the Secretary has commissioned a special task force to review the 
Department’s personnel security program, NNSA has been taking action over the past 
year and a half to improve our personnel security processes. Specifically, we
re-engineered work practices to reduce clearance processing time, implemented the
electronic questionnaire for investigations processing (e-QIP), strengthened our quality 
assurance mechanisms, and instituted metrics to monitor and report on the performance 
of our personnel security functions. Additionally, we have coordinated with the Defense 
Security Service to provide comprehensive clearance adjudication training to our nearly 
100 contractors and Federal personnel security professionals at the NNSA Service
Center. 


During the past two years, NNSA has made changes to strengthen the cyber 
security posture across the national complex and more recently addressed issues 
identified by the LANL incident. During 2005, the Department developed the strategic 
plan and a deployment schedule for Diskless Workstation implementation. In 2006, the 
Agency appointed Designated Approving Authorities (DAAs) for each NNSA site and 
are dedicated solely to cyber security, policy oversight and inspection. 

NNSA has also assembled its Federal cyber security experts from across the
Complex to inspect all Vault Type Rooms at LANL to determine their compliance with
the Department’s directive to close vulnerable system data ports. We have also set in
place a schedule for this team to inspect the cyber security implementation at all other
NNSA sites. Based on these inspections I plan to take aggressive actions to strengthen our
cyber security and I pledge to you that I will deal as swiftly and directly with any
incidents or actions needed to improve the cyber security posture of the NNSA. 

I would like to highlight some of the actions NNSA has taken to improve security, 
most notably those taken since the last significant security incident at Los Alamos in 
2004, involving Classified Removable Electronic Media (CREM). 

NNSA completed two major studies of NNSA security, one led by Admiral 
(Retired) Hank Chiles and one led by Admiral (Retired) Rich Mies. Admiral Chiles’
report in March 2004, “Strengthening NNSA Security Expertise: An Independent
Analysis,” provided recommendations to make our Federal security workforce more
effective. Admiral Mies’ study in April 2005, “NNSA Security: An Independent
Review,” provided more than 100 recommendations in thirteen programmatic areas,
including physical security, cyber security, intelligence and counterintelligence and
making recommendations ranging from program management to budgeting to oversight.

In response to the Chiles report:

• Our Federal Site Offices have implemented formal security training programs
leveraging the Department’s Technical Qualification Program and the DOE
National Training Center’s Professional Enhancement program.

• We established a security intern program and have successfully integrated it
into the Department’s Future Leaders Program.

Likewise, we took effective action to implement the recommendations of Admiral Mies:

• Partnered with DOE’s Office of Health, Safety, and Security to review our
security policies with the goal to make our policies consistent with national 
standards, clearly understandable, and effective when implemented; 

• Re-aligned Defense Nuclear Security staff roles and responsibilities to improve
security program planning, programming, and evaluation; 

• Issued a Performance Assurance Program, which provides a multi-tiered system 
of self-assessments and other reviews of security performance aimed at assuring 
comprehensive assessments of security programs; 

• Established the Defense Nuclear Security Leadership Council, which comprises 
all site office security directors and meets regularly to address overarching 
security implementation challenges; and 

• We actively disseminate lessons learned from incidents and inquiries and the 
Associate Administrator for Defense Nuclear Security has directed the 
establishment of a Security Lessons Learned Center which will enhance our 
information sharing. 

• Replaced several Federal security directors for sub-standard performance. 

We have received a number of reports from the Government Accountability 
Office, the DOE Inspector General, and the DOE Office of Independent Oversight. Like 
the Chiles and Mies studies, we have addressed the recommendations in these reports and 
have made major improvements. 

However, we do not rely on others to identify ways to improve security. You will
recall that in 2005, the Administrator announced his intention to stand up an NNSA 
Headquarters Security Oversight Office. Over the course of 2005 and 2006, that office 
has been staffed and has begun conducting regular and special reviews to ensure the 
effectiveness of our security programs and security line management. This office is also 
implementing our new risk management model and the oversight of security planning and 
vulnerability analysis. It has improved our responsiveness to outside recommendations, 
reduced the number of open findings, and reduced the number of security incidents across 
the complex through more effective sharing of best practices and lessons learned. This 
year we will begin our first review of Site Office oversight processes as part of an 
initiative to improve our local Federal security oversight even more. 

Again, I take these most recent events at LANL very seriously. I welcome 
suggestions on how to best proceed at LANL and want to have a national laboratory that 
is known best for its outstanding contributions to national security and the advancement 
of science. 

Summary of Statement by Gregory H. Friedman, Inspector General

Secretary Bodman requested that the Office of Inspector General begin a review of the possible
compromise of classified information at the Los Alamos National Laboratory.

Our special inquiry disclosed that computer ports, which could have been used to
inappropriately migrate information from classified systems to unclassified devices and
computers, had not been disabled; classified computer racks were not locked; individuals were 
inappropriately granted access to classified computers and equipment; computers and 
peripherals that could have been used to compromise network security were introduced into a 
classified computing environment without approval; and, critical security functions had not 
been adequately segregated. 

In many instances, Laboratory management and staff had not developed policies necessary to
protect classified information. Further, Laboratory and Federal officials were not as aggressive 
as they should have been in conducting security reviews and inspections. Our findings raised 
serious concerns about the Laboratory’s ability to protect both classified and sensitive 
information systems. 

We provided the Department with a number of specific recommendations designed to assist it 
in its efforts to correct identified deficiencies. In addition, at the request of the Subcommittee,
we identified several broader actions that could improve the overall security climate at Los 

Mr. Chairman and members of the Subcommittee, I am pleased to be here at your request to
testify on the Office of Inspector General’s review of the recent compromise of classified data 
at the Department of Energy’s Los Alamos National Laboratory. 


BACKGROUND 

The Los Alamos National Laboratory, now operated by Los Alamos National Security, LLC, 
for the Department’s National Nuclear Security Administration (NNSA), has been at the 
forefront of our country’s national security-related research and development enterprise for 
over 60 years. The physical and intellectual data that resides at the Laboratory reflects its 
critically important missions, which range from ensuring the safety and reliability of our 
nuclear stockpile and preventing the proliferation of weapons of mass destruction to 
protecting the Nation from terrorist attacks. To support these missions, the Laboratory 
manages highly sensitive classified materials and information. Safeguarding such classified 
information - housed at over 2,700 separate classified computing operations, including 139 
vault-type rooms - requires that the Laboratory establish and maintain strong security 
controls. 

Over the years, there have been a number of highly-publicized security incidents that have 
cast doubt on the Los Alamos National Laboratory’s ability to protect classified national 
security assets. In 1999, a Los Alamos scientist was accused of and subsequently pled guilty 
to mishandling classified information by downloading nuclear secrets and removing them 
from the Laboratory. In the following year, largely in response to security concerns at Los 
Alamos, the NNSA was established as a semi-autonomous agency. In 2002, two computer 
hard drives containing classified data were thought to be missing from a secure area within
the Laboratory, but were later found. In 2004, after an inventory indicated that two computer
disks containing classified information were missing, the Director of the Laboratory ordered a
lengthy stand-down to address and resolve security concerns. That stand-down, according to 
the U.S. Government Accountability Office, delayed important national security work at a 
substantial cost to the taxpayer. 

Because of the need to ensure that the Nation’s vital nuclear material and information are 
adequately protected, the Office of Inspector General has performed numerous audits, 
inspections, and investigations of physical and cyber security-related issues at the Laboratory. 
Our reviews have covered diverse areas such as the implementation of the design basis threat, 
safeguards over classified material and property, and the security of information systems. I 
have been asked to testify before this Subcommittee and other Congressional panels on 
several occasions regarding a series of management and security issues at Los Alamos. 

As has been well-publicized, on October 17, 2006, the Los Alamos County Police Department 
responded to a call at the home of a former employee of a Laboratory subcontractor. During a 
subsequent search of the residence, police seized a computer flash drive that contained 
electronic images of Los Alamos classified documents. In addition, hard copies of over 200 
classified documents belonging to the Laboratory were also found in the residence. 

Laboratory officials determined that the seized classified information was derived from an 
ongoing scanning and archiving project. This scanning project was being performed by a 
subcontractor to the Laboratory. A criminal investigation regarding the seized material was 
initiated by the Federal Bureau of Investigation. Shortly after the investigation began, the
Secretary of Energy requested that the Office of Inspector General perform a separate review 
of the possible compromise of classified information at the Los Alamos National Laboratory. 
The Secretary also asked that we evaluate certain aspects of the Department’s security 
clearance process. 

OFFICE OF INSPECTOR GENERAL REVIEW 

The Office of Inspector General promptly began a special inquiry that focused on what the 
Department and its contractors did or did not do to protect classified information and the steps
that were taken to ensure that only properly qualified individuals had access to such 
information. As part of that effort, we interviewed over 80 Departmental, Laboratory, and 
subcontractor personnel; reviewed relevant security guidance and procedures; and, examined 
numerous other relevant documents. Our findings related to the security clearance process 
should be discussed in closed session. 

Our special inquiry revealed that despite the expenditure of millions of dollars by the NNSA 
to upgrade various components of the Laboratory’s security apparatus, the security 
environment at the Laboratory was inadequate. 

In particular we found that:

• Certain computer ports, which could have been used to inappropriately migrate
information from classified systems to unclassified devices and computers, had not
been disabled;

• Classified computer racks were not locked;

• Certain individuals were inappropriately granted access to classified computers and
equipment to which they were not entitled;

• Computers and peripherals (scanners and a printer) that could have been used to
compromise network security were introduced into a classified computing
environment without approval; and

• Critical security functions had not been adequately separated, essentially permitting
system administrators to supervise themselves and override controls.

In many cases, Laboratory management and staff had not developed policies necessary to
protect classified information, had not enforced existing safeguards, or provided the attention
or emphasis necessary to ensure protective measures were adequate. Some of the security
policies were conflicting or applied inconsistently. We also found that Laboratory and
Federal officials were not as aggressive as they should have been in conducting security
reviews and physical inspections. In short, our findings raised serious concerns about the
Laboratory’s ability to protect both classified and sensitive information systems.

Any diversion of classified material creates a potentially serious national security situation.
For this event in particular, the full extent of damage or dispersion of the classified material
may never be fully known. The criminal investigation into this matter is ongoing and may
yet reveal additional security problems. Our findings, however, which are discussed in more 
detail in the following paragraphs, underscore continuing problems with the Laboratory’s 
overall management and security posture. 

Open Computer Ports 

Following the security incident in 1999, the then Secretary of Energy ordered the Los Alamos
National Laboratory and other similarly situated facilities to implement controls and 
protections to make it physically impossible to migrate classified information to unclassified 
systems or devices. Although Los Alamos had taken action to disable some devices, our 
review found that, in a significant number of instances, the Laboratory failed to deactivate 
unneeded open computer ports such as USB and “firewire” ports that could have been used to 
circumvent security controls. 

This weakness could have permitted the transfer of classified information to unclassified
systems or easily concealable devices such as flash drives and portable hard drives. Open and
unsecured ports also could have ultimately been used to transfer classified information to the
Laboratory’s unclassified network and the Internet. As evidenced by a series of e-mail
exchanges in the March/April 2006 timeframe, officials in the Laboratory’s Chief Information
Officer’s organization recognized that it would be a simple matter to exploit this weakness by
plugging a USB or firewire recording device into an open port and copying information to it.
However, despite this recognition, a Laboratory-wide solution was never developed or
deployed.

Unlocked Computer Racks

We also noted that Laboratory system administrators failed to take advantage of readily 
available security measures that, in this case, could have helped prevent the unauthorized 
removal of the electronic classified material found on the seized flash drive. As part of an 
initiative to secure classified removable electronic media (CREM) following the 2002 security 
event, Los Alamos acquired locking mechanisms that were to be used to secure and prevent 
access to most rack-mounted classified computer systems. Following the installation of the 
locks, Laboratory management determined that if a computer system did not contain CREM
and it was located in a vault-type room, there was no need to lock the racks. As a 
consequence, racks housing classified computers in the vault we reviewed were never 
secured. Based on our inquiries, a Laboratory management official conceded that using the 
available locks would have denied access to the enabled USB ports and could have prevented 
the download of the diverted classified information. 

Inappropriate Access Granted 

In addition, despite existing control measures and specific guidance by the NNSA to the 
contrary, system administrators at the Laboratory inappropriately granted certain individuals
access to classified computer equipment to which they were not entitled. Specifically,
individuals were given authority to physically access rack-mounted classified computer
systems - access that could have permitted them to exploit open USB and firewire ports.
Laboratory officials also allowed a person that had no need to print documents to use a
high-speed classified network printer capable of producing double-sided documents identical to the
format of the hard copy classified documents that had been seized by law enforcement
officials. A senior Laboratory security official confirmed that granting unneeded access to
users was contrary to policy and that such action endangered security. 

Introduction of Unapproved Devices 

To ensure that classified systems are secure to operate, computers and peripheral devices 
should be evaluated for risk and included in an approved systems security plan prior to being 
introduced into a classified computing environment. However, program, security, and system 
administration officials responsible for the vault we reviewed routinely ignored these controls. 
Our review disclosed that officials permitted the introduction of several computers and 
peripheral devices (scanners and a printer) into a classified computing location even though 
these devices were not included in the accredited security plan. Thus, Laboratory and Federal 
officials were not able to evaluate the security implications of their inclusion in the vault in 
question. Potentially, the introduction of these devices could have compromised security. 

Incompatible Security Functions 

Additionally, Los Alamos did not adequately separate critical security duties. According to 
NNSA policy, "measures must be implemented to ensure the management, control, and 
separation of security critical functions." However, Laboratory officials frequently did not 
provide for such separation, and a single individual was tasked with both system 
administration and security officer duties - essentially supervising and approving his or her 
own actions. As a result, the system administrator was able to provide access to classified 
computers and peripherals to unauthorized individuals, thereby overriding classified 
protection safeguards. Los Alamos officials noted that the same issue existed in classified 
computing venues across the Laboratory. 

ADDITIONAL FACTORS CONTRIBUTING TO DIVERSION 

The security weaknesses we discovered resulted from control and management breakdowns at 
both the contractor and Federal level. While the Department, the NNSA, and Los Alamos had 
deployed some security controls to protect classified information, we observed problems with 
policy development and implementation. Had the Department and the NNSA been more 
aggressive in its contract administration and review activities, it may have been able to 
prevent, detect, or correct in a timely manner the problems or factors that contributed to the 
diversion of classified material. 

Weaknesses in Security Policies 

Our review, for example, disclosed a particularly significant instance where classified 
computer policies had not been developed or properly formalized. In 1999, the then Secretary 
of Energy directed that safeguards be developed and implemented to prevent the migration of 
classified data to unclassified systems to protect against insider threats. That direction 
specifically required that organizations "establish requirements that place stringent controls 
on computers and work stations, including controls on...ports that could be used to download 
files." The requirement was never included in the Department’s cyber security policy nor was 
it completely implemented by the Laboratory. 

Furthermore, our inquiry revealed that conflicting direction and a lack of understanding 
regarding the introduction of equipment into classified computing environments contributed 
to the weaknesses we found. For example, Laboratory guidance required that security plans 
be updated and systems reaccredited when security configurations changed. Certain officials, 
however, incorrectly instructed security officers that there was no need to comply with that 
direction for selected devices. In other instances, officials inappropriately believed that the 
need to update security plans and obtain reaccreditation of classified systems was a matter 
solely within their discretion. They held this mistaken belief even though the Laboratory had 
published specific guidance regarding events that triggered update requirements. During our 
review, we identified a number of changes in security configurations for the vault we 
evaluated that should have triggered the requirement to update the system security plan. Yet, 
such action had not been taken. 

Policy regarding the acquisition of computer support services for classified computing 
environments at the Laboratory was also inconsistent. In particular, as it applies to the matter 
under review, procurement policy permitted subcontractors to furnish unaccredited items such 
as scanners and software for archiving projects. Such practices, however, were contrary to the 
system’s security plan and to cyber security guidance issued by the NNSA. The NNSA 
guidance specifically prohibited the connection of non-government owned equipment to 
classified networks. 

Insufficient Management Review and Overdue Inspection Activities 

The failure of Laboratory managers and Federal security officials to perform verification 
activities may also have adversely affected the classified security climate at the Laboratory 
and contributed to the recent removal of classified material. Laboratory security officials 
indicated that they did not visit vaults or computing facilities to determine whether controls 
described in security plans were actually in place. Federal officials at the Los Alamos Site 
Office also told us that they did not conduct physical inspections of the Laboratory’s 
classified information systems. Accrediting officials at the Site Office explained that they 
placed a great deal of emphasis on reviewing security plans and accrediting systems, but that 
they had only 1.5 staff years to dedicate to classified security. They asserted that as a 
consequence they were unable to perform physical inspection of systems to validate that the 
Laboratory’s plans were accurate and were being enforced. 

Delays in completing classified information system inspections may also have impacted the 
detection of the security weaknesses we identified. NNSA officials informed us that they 
relied almost exclusively on the Office of Independent Oversight, Office of Health, Safety and 
Security to conduct detailed inspections of Los Alamos’ classified information systems. 

These inspections are normally completed once every two years. However, the inspection at 
Los Alamos had not been performed for about four years for a variety of reasons including the 
2004 security stand-down at the Laboratory. The Office of Independent Oversight had begun 
a previously scheduled review of Los Alamos’ classified information systems at about the 
same time the diversion of classified information was discovered. 

NEEDED ACTIONS 


After this incident was discovered, management officials at various levels of the Department 
and at the Laboratory launched several efforts to identify and correct control deficiencies that 
caused or contributed to the unauthorized removal of classified information. In particular, the 
Secretary established two task forces to address our findings and the Deputy Secretary 
directed an immediate review of policies and practices related to computer ports at each of the 
Department’s facilities. 

As a result of our review, we provided the Department a number of recommendations 
designed to assist it in its efforts to correct identified deficiencies. For example, we 
recommended that the Department take immediate action to disable unneeded computer ports, 
secure classified computer racks, segregate critical security functions, and limit classified 
computer access and privileges to those who specifically require it. 

In its letter of invitation, the Subcommittee requested that the Office of Inspector General 
identify broader actions that could improve the overall security climate at the Los Alamos 
National Laboratory and the Department at large. Based on the results of this special inquiry 
and other recent IG reviews and investigations, we concluded that the Department and the 
NNSA should: 

1. Establish an up-to-date, unified, risk-based security policy that flows throughout all 
elements of the Department. It is essential that this policy be applied consistently and 
that all aspects of security — physical, cyber, and personnel — be integrated to ensure a 
seamless system. 

2. Aggressively hold individuals and institutions -- at the Federal and contractor levels -- 
accountable for failure to follow established security policies. Penalties should 
include meaningful reductions in contractor fees; personnel reassignments and 
terminations; civil penalties; program redirection; and, ultimately, should need be, 
contract termination. 

One final note, one of the most disturbing aspects of this event is the fact that it was not 
discovered by the Laboratory but by local police during an off-site investigation unrelated to 
Laboratory activities. Without this inadvertent discovery, the diversion of classified material 
may never have been disclosed. In that light, Los Alamos and the Department need to 
strengthen efforts to proactively detect and prevent security breakdowns. This might include, 
for instance, improving the level of monitoring of classified computer/information activity by 
the use of specialized software, activity logging, and by initiating a program of unannounced 
security checks beyond routine inspections. Admittedly, there is a cost involved with such 
undertakings, but it is a cost that may be necessary given the pattern of security issues at the 
Laboratory. 

Mr. Chairman, this concludes my statement and I would be pleased to answer any questions 
you may have. 

Testimony of Glenn S. Podonsky 
Chief Health, Safety and Security Officer 
U.S. Department of Energy 
Before the 

Subcommittee on Oversight and Investigations 
Committee on Energy and Commerce 
U.S. House of Representatives 

January 30, 2007 

Mr. Chairman and members of the subcommittee, thank you for inviting me to testify today as 
you probe into the security violation involving the improper removal of classified information 
from the Los Alamos National Laboratory. To perform its national security mission, the 
Department of Energy produces, processes, and stores significant quantities of classified material 
on a continuous basis. Because of the nature of this information and its potential impact on the 
national security of the country, we need to ensure that our policies and practices minimize the 
risk of potential security failures. 

In light of the progress made in the last few years throughout the Department to correct past 
performance deficiencies in the control of classified information, this most recent unauthorized 
removal of classified information by a cleared employee at Los Alamos is a significant 
disappointment to the Secretary and the Department. We fully understand that incidents such as 
the one currently under examination by the Committee not only expose our sensitive national 
security information to potential compromise, but erode public confidence. As an organization 
with a mandate for an independent review responsibility, our organization is responsible for 
assessing performance based on the facts. 

Los Alamos has made some progress in the past five years, but we must balance this against 
what should be the expectation of performance for an organization with such a critical scientific, 
defense and national security mission. In this respect, Los Alamos has been slow to address the 
root causes of its failures and to transform the entrenched operational culture that perpetuates 
them. Los Alamos now has new contractor management and an opportunity to move in a more 
positive direction. 

At the time this specific incident was discovered, the Office of Independent Oversight was 
conducting a scheduled comprehensive inspection of the Laboratory’s safeguards and security, 
cyber security, and emergency management programs, including those responsible for protecting 
classified information. Consequently, the Office of Independent Oversight was not assigned 
responsibility for conducting the inquiry into the circumstances surrounding the incident. This 
responsibility was assigned to the Inspector General. I will therefore focus my remarks on the 
overall performance of the programs we observed during the Independent Oversight inspection 
of Los Alamos National Laboratory. 

Prior to our recent inspection activity, we conducted inspections of safeguards and security, 
cyber security, and emergency management programs at Los Alamos in 2002. The 2002 
safeguards and security inspection determined that the Laboratory’s Material Control and 
Accountability program was performing at less than an effective level of performance. During 
the concurrent cyber security inspection, the classified cyber security program was determined to 
be performing effectively, consistent with DOE requirements; however, the unclassified cyber 
security program exhibited significant weaknesses. 

Independent Oversight’s 2006 comprehensive inspection of Los Alamos also covered the areas 
of safeguards and security, cyber security, and emergency management in compliance with 
current Independent Oversight protocols. On-site activities for the 2006 inspection concluded 
last month. The final inspection report is currently under review and has not yet been published. 
Although the final report has not been issued, we can provide a brief general summary of the 
major inspection results in terms that are appropriate for this unclassified hearing. 

Safeguards and Security Programs 

During this inspection, the Laboratory’s safeguards and security programs exhibited both 
strengths and weaknesses. While we are encouraged by limited improvements in some areas, we 
believe that considerable work remains to be done to ensure that safeguards and security 
programs at Los Alamos fully meet Department expectations. 

Protection of Special Nuclear Material 

Our inspection concluded that Los Alamos is adequately protecting the Category I quantities of 
special nuclear materials. This is based on our observations of effective performance in several 
critical areas, including improved performance in some functions that had previously exhibited 
weakness in 2002. The most significant improvement in the protection of special nuclear 
materials can be attributed to the collective actions of the Department, NNSA and Los Alamos to 
remove weapons grade quantities of this sensitive material from Technical Area 18, which had 
been the target of much public criticism for several years regarding its questionable security 
posture. The transfer of a significant quantity of material to the Nevada Test Site’s Device 
Assembly Facility, a substantially more secure facility, has facilitated on-site consolidation of 
weapons grade materials into a single security area at Los Alamos that affords a more effective 
protection posture. 

Physical security systems installed to protect special nuclear materials at Los Alamos were 
subjected to rigorous performance testing and evaluation. Though aging, the current Perimeter 
Intrusion Detection and Assessment System around the facilities processing weapons grade 
special nuclear material performs effectively, and is adequately maintained. 

Our evaluation of the Laboratory’s protective force identified improvements since the 2002 
inspection. Many of these are attributed to the aggressive steps taken to meet Departmental 
security goals by the end of FY2006. For example, Los Alamos increased protective force 
mobility, survivability, and lethality (e.g., procurement and deployment of enhanced weapons 
systems and armored vehicles). Protective force members performed effectively in both Limited 
Scope and full scale Force-on-Force performance tests. While overall protective force 
performance was determined to be effective, additional attention is required to improve certain 
tactical capabilities and communications. 

While the Material Control and Accountability Program showed the greatest level of 
improvement since the 2002 inspection and was deemed to be performing effectively, some 
program areas require further attention, including the vulnerability assessment process which 
identifies risks associated with small quantities of nuclear materials maintained outside of the 
Protected Area. In addition, processes to accurately measure certain nuclear materials that 
present unique measurement uncertainties require further work. Continued programmatic 
support is needed in order to sustain program improvements. 

While not currently placing nuclear materials at risk, a few elements of the protection program 
for special nuclear materials require increased management attention. For example, several 
aspects of the Human Reliability Program require strengthening. This assurance program 
monitors the trustworthiness and reliability of employees who perform sensitive duties and 
require physical access to weapons-usable special nuclear material. Similarly, various aspects of 
the issuance and retrieval of security badges and the out-processing of employees need to be 
improved. These elements require increased attention and follow-up by line managers. 

Protection of Classified Matter 


In the area of classified matter protection it was evident that the site has made significant 
improvements in its efforts to track and account for Classified Removable Electronic Media and 
printed documents, is implementing a new electronic lock and key system that will reduce the 
number of keys and will record key usage, and has implemented a security inquiries program that 
provides stable leadership, is thorough in its process, and uses results in the form of 
lessons-learned to avoid recurrence where possible. While certain elements in place to protect classified 
documents and materials were found to be functioning effectively, we identified a number of 
significant problems within this program. 

It was evident that the site is overly dependent on the use of non-standard storage configurations 
for the protection of many of its classified weapons parts. Storage of classified weapons parts at 
Los Alamos does not meet normal protection requirements and therefore required alternative 
protection measures to adequately compensate for storage configuration shortcomings. 
Compensatory measures that were specifically established to support approval of these 
non-compliant storage configurations were found to be inconsistently executed and were therefore 
not providing adequate protection. Furthermore, the need for additional protection measures was 
also identified in order to ensure that some classified components were protected from 
unauthorized visual or physical access. A review of the Technical Surveillance Countermeasures 
Program, intended to protect against electronic eavesdropping, revealed that the program lacked 
the resources necessary to provide the levels of support required by the Laboratory and its 
missions. The overall impact of these and other deficiencies in the protection of classified matter 
at Los Alamos is considered to be substantial. 

Management Feedback and Improvement Mechanisms 

With regard to management processes, implementation of important management feedback and 
improvement mechanisms was seriously flawed at both the Laboratory and the NNSA site office. 
While the Laboratory has new plans for conducting self-assessments and implementing a 
contractor Performance Assurance Program as part of the contract transition, the plan has yet to 
be fully implemented. Neither has the Laboratory implemented an effective process for 
developing, implementing, tracking, closing, and validating corrective actions for identified 
deficiencies. Similarly, the NNSA site office’s Security Survey Program - a primary tool for 
line management oversight of contractor security performance - also suffers from insufficient 
resources and inadequate implementation. In a few cases, the Laboratory has decided not to 
comply with DOE requirements and the Laboratory and NNSA did not utilize the Department’s 
mandated deviation processes to fully assess and accept the risks associated with these decisions. 
Additional effort is needed to improve performance of management systems, since these areas 
are essential to attaining and sustaining effective protection programs, not only in the safeguards 
and security arena but also in cyber security and emergency management programs. 

Cyber Security Programs 

Independent Oversight also inspected classified and unclassified cyber security programs at the 
Laboratory. We conducted penetration tests of unclassified systems during the 2002 inspection. 
However, this most recent inspection was the first time that classified computer systems at Los 
Alamos were tested in such a rigorous manner. (Independent Oversight was granted specific 
authority to conduct penetration testing of classified systems by the Deputy Secretary of Energy 
in 2004.) 

Some progress in improving Los Alamos cyber security was identified by our inspection team, 
the most significant of which include the segmentation of computer networks to establish need- 
to-know protection controls, implementation of measures to mitigate risks posed by wireless 
technology (on the unclassified network), and the centralization of management responsibility 
for most information systems. In addition, the unclassified computer network was identified as 
deploying a well-configured perimeter defense that successfully mitigates many of the 
sophisticated threats originating from the Internet. 

While progress was evident in certain areas, much improvement is still required to safeguard 
classified information. Los Alamos’ cyber security policies and procedures are not 
comprehensive and are not up to date with DOE/NNSA requirements or other guidelines, nor do 
they sufficiently address threats posed by emerging technologies. Additionally, risk 
management processes are insufficient, resulting in risk acceptance decisions at inappropriate 
levels of management. 

The protection of classified computer systems is overly dependent upon administrative controls 
rather than on more robust engineered controls and barriers. The existence of such measures 
would have mitigated the ability of the employee involved in the security incident to perform the 
actions necessary to remove the data from the classified computer system without authorization. 
Because the Laboratory has not implemented these measures, Los Alamos national security 
systems continue to operate at an increased risk from insider threats. My Office has been 
working with the Chief Information Officer in revising the Department’s classified cyber 
security policy to address emerging technologies and new threats. The Chief Information Officer 
has made this effort one of his highest priorities. 


Another problem area identified at Los Alamos involves the certification and accreditation of 
both classified and unclassified information systems. Los Alamos certification and accreditation 
processes have not kept up with current methodologies, and existing processes do not ensure a 
consistent approach for applying and testing necessary security controls. There are 25,000 
unclassified workstations and servers at Los Alamos not certified and accredited. 

Moreover, self-assessment processes are weak, with very few systems actually being tested as 
part of these assessments. Deficiencies identified during self-assessments are not reported to the 
Los Alamos Site Office or NNSA, and development of corrective action plans to address them is 
optional. As a result, there is little in-depth understanding of program weaknesses. It is also of 
concern that the Los Alamos Site Office and NNSA have not provided sufficient leadership to 
ensure that all current cyber security requirements are appropriately implemented and that 
performance is monitored to ensure effectiveness. 

While progress has been made to date, the cyber security issues that remain at Los Alamos make 
it clear that a significant amount of additional work is needed in this area. 

Emergency Management Programs 

Independent Oversight also conducted an inspection of Los Alamos’ emergency management 
programs. Of the seven focus areas inspected, all were found to exhibit serious weaknesses 
requiring increased management attention. Inspection results reflected a lack of progress in 
implementing program improvements for previously identified deficiencies. More disconcerting 
is the fact that four previous findings, although closed by NNSA, had not been effectively 
corrected. 

Other Related Independent Oversight Activities 

Secretary Bodman has requested my office to organize and lead a joint task force to review the 
Department’s overall Personnel Security Program and Policies. As we noted earlier, the recent 
Los Alamos incident raised DOE management concerns about certain determinations used in 
granting clearances several years ago. In addition to questioning processes used to adjudicate 
derogatory information, these concerns also involve the adequacy of follow-up procedures for 
monitoring and reinvestigation when warranted. This task force will review DOE’s personnel 
security policies and standards and will provide specific findings and recommendations for 
resolving identified deficiencies. Task force activities are scheduled to be completed by February 
28 of this year. In addition to performing these activities in the personnel security arena, my 
office will also support the Chief Information Officer, who has been assigned by the Secretary to 
conduct a similar review of the Department’s Cyber Security Program. I will defer to my 
colleague, Mr. Pyke, to elaborate on his plans for the conduct of this cyber security review. 

Concluding Remarks 

Mr. Chairman and Members of the subcommittee, our recent Independent Oversight inspection 
resulted in the worst set of performance ratings for safeguards and security, cyber security, and 
emergency management collectively that we have seen at the Los Alamos National Laboratory in 
many years. That combined with the history of security problems at Los Alamos is of great 
concern to everyone. However, it would be an oversimplification to say that everything is wrong 
at the Laboratory and that they are incapable of protecting national security assets. The recent 
inspection indicated that, on balance, special nuclear material and classified removable electronic 
media, two areas with historical weaknesses, have improved and were adequately protected. 
Improvements in these and other areas should be considered along with the remaining significant 
deficiencies identified during the recent Independent Oversight inspection. 

Since the time when responsibility for managing site operations was transferred to the new 
integrating contractor, there is evidence to indicate that the new contractual relationship provides 
a better foundation for security emphasis. In comparison to past contract management processes, 
the new contractual arrangements and performance-based award fee structure provide increased 
incentives for the Laboratory contractor to implement an improved, compliant, and effective 
security program in the future. However, the overall security picture is still below departmental 
standards — an obvious conclusion from not only site events but also from the results of our most 
recent inspection activity. As our organization moves ahead in the continued evaluation of the 
Laboratory’s performance, we are mindful of the issues at Los Alamos and their causes. We are 
cognizant that productive changes require our continued commitment to identifying the origins 
of breakdowns in the areas of security, as well as health and safety. We look forward to 
participating in the continued identification and resolution of Departmental problems, and seek 
to assist Line Management in pursuing clear paths for successfully implementing corrective 
actions. We hope to do this through our independent oversight activities. 

TESTIMONY OF 
THOMAS N. PYKE, JR. 

CHIEF INFORMATION OFFICER 
U.S. DEPARTMENT OF ENERGY 
BEFORE THE 

SUBCOMMITTEE ON OVERSIGHT AND INVESTIGATIONS 
COMMITTEE ON ENERGY AND COMMERCE 
UNITED STATES HOUSE OF REPRESENTATIVES 

JANUARY 30, 2007 

Good morning, Mr. Chairman. My name is Tom Pyke. I am the Chief 
Information Officer of the Department of Energy. I came to the Department in 
November 2005, and have given a high priority to revitalizing the management of cyber 
security within DOE. 

Over the last year, the Department has undertaken a major effort to improve our 
cyber security. We developed a plan to update Departmental cyber security directives 
and to issue guidance in specific areas of cyber security. In December 2006, the Deputy 
Secretary signed a new DOE cyber security Departmental Order which established a new 
governance structure for cyber security program management. This Order directs the use 
of a risk-based management approach and makes clear assignment of responsibility to 
Under Secretaries and other senior officials to oversee cyber security management within 
their organizations, including the field organizations under their jurisdiction. The Under 
Secretaries have accepted this enhanced role, and are working hard to strengthen the 
management of cyber security. 

The new Order provides for timely issuance of urgently needed new cyber 
security guidance. To date I have issued 15 cyber security guidance documents, and the 
Office of the Chief Information Officer continues to develop guidance in accordance with 
the plan developed last year. I have already issued guidance on certification and 
accreditation of systems and on system configuration management, both directly relevant 
to the recent Los Alamos incident. The new Order gives the Department flexibility to 
respond in a timely way to the changing threat environment and other time-sensitive 
concerns. For example, we have already issued special guidance on protection of 
personally identifiable information and on disposal of disk drives. 

In direct response to the recent security incident at Los Alamos, the Deputy 
Secretary signed a memorandum in early November directing that actions be taken 
quickly to provide more protection of classified systems and the classified information on 
them. This memorandum included guidance prepared by the Office of the Chief 
Information Officer on blocking physical ports on classified computers. Our office has 
also conducted a study that has identified hardware and software means that can be used 
to block physical ports, or connection points, on computers. In addition, the Secretary 
has asked me to lead a review of the Inspector General’s cyber security recommendations 
in his report on the recent Los Alamos incident. We expect to complete the report of this 
review by late February. 

Finally, directly to the concerns being addressed in this hearing, we have recently 
completed a planned DOE National Security Systems Controls Manual, now in formal, 
final review within the Department. This Manual, which updates the Department's 
formal directive for protecting classified systems, was already being prepared when the 
Los Alamos incident became known. We have been able to incorporate actions in the 
Manual based on a number of the lessons learned from this incident. 

I would be pleased to respond to any questions you may have. 

Statement of Clay Sell 
Deputy Secretary 
U.S. Department of Energy 
Before the House Energy and Commerce Committee 
Subcommittee for Oversight and Investigation 
January 30, 2007 


Chairman Stupak, Congressman Whitfield, and Members of the Subcommittee, I 
welcome the opportunity to appear before you today to discuss security within the 
Department of Energy and the recent security incident at Los Alamos National 
Laboratory (LANL). 

The national security responsibilities entrusted to LANL are among our Nation's most 
important. The successes that have sprung forth from this great lab in years past, and 
today, are properly a source of great pride and power in our country. The capabilities of 
the men and women of LANL continue to make this lab still the only place to go for 
many national security requirements. And, of course, the secrets entrusted to the lab are 
among our Nation's most sensitive. These are among the reasons that the facts of the 
most recent security incident at LANL are so troubling and a source of such tremendous 
frustration and concern to the Secretary, me, and many others throughout the DOE 
enterprise. 

And now, despite years of focused attention and the expenditure of millions of dollars, 
we are confronted again with a security failure, the facts of which suggest we still have a 
much larger and deeper problem. Many well-intentioned leaders have worked to improve 
security at LANL over the last few years. And in many key areas, the Department and 
the Laboratory have made substantial progress. But Secretary Bodman and I are less 
interested in effort, process, and good intentions and more interested in results; and the 
results on matters of security at Los Alamos National Laboratory remain unacceptable. 

You have already heard from earlier witnesses about what they think may have led to the 
problems, and what happened in the recent matter. Later today, you will hear from the 
Acting Administrator of the NNSA, the Department's Chief Information Officer, and the 
Director of LANL in more detail. Therefore, I intend to focus the balance of my remarks 
on what the Secretary and I are doing to fix problems and move forward. 


1. In the immediate aftermath of learning about the security breach at LANL, we acted 
immediately to assess the situation and understand the facts. The NNSA 
Administrator dispatched the Chief of Defense Nuclear Security and a cyber security 
team to the site to begin immediate review of the incident. On October 26th, the 
Secretary ordered the Inspector General (IG) to investigate. And on October 30th, I 
personally traveled to the Lab to meet directly with those on the ground and to gain 
first-hand knowledge of the incident to begin remedial actions to address the 
problems. 

2. We took quick action to address realized vulnerabilities. On November 8th, I issued a 
memorandum to improve cyber security protection for classified computer systems 
throughout the DOE complex. That memo included immediate direction to every lab 
and DOE facility operating a classified system to conduct an examination of the 
adequacy of its practices and procedures to ensure that classified information is 
protected using multiple layers of cyber security protection, including protection 
against potential insider threats. Also, the memo required an accounting by each lab 
and facility for full implementation by January 15, 2007. 

3. In response to findings contained within the Inspector General's report issued on 
November 27, the Secretary directed two actions. First, the creation of a senior level 
ad hoc committee to review all of the recommendations in the Inspector General's 
report except those concerning the Department's security clearance process. Second, 
the establishment of a task force to review the personnel security programs 
throughout the entire DOE complex. Both reviews will conclude and provide 
recommendations to the Secretary no later than February 28, 2007. Once we have 
reviewed the results of the Laboratory's actions, corporate and Federal validation 
activities, the Secretary's two Task Forces' recommendations, and other actions that 
have been directed, we will develop additional improvements and conduct follow-up 
reviews, as necessary. We will be pleased to discuss with the subcommittee the 
additional actions the Secretary decides to take once he has received and reviewed the 
Task Forces’ recommendations. 

4. Furthermore, during numerous occasions, meetings and conversations with the NNSA 
Administrator and his team, the LANL Director, and members of the Executive Board 
of LANS, LLC, the Secretary and I have expressed our depth of concern, sense of 
urgency, and expectations for accountability from the top of the department down to 
the bottom of the laboratory, and that these continuing security problems must be 
addressed, rectified, and prevented in the future. 

5. Even before the recent incident at LANL, the Department had substantially increased 
focus and attention on matters of cyber security, including hiring a new CIO to 
reinvigorate and strengthen our efforts. Among other things, he accelerated the effort 
to update our cyber security order and National Security Systems Control Manual and 
has taken numerous actions to improve our Department-wide cyber security posture. 
We also brought in a new Chief of Counter-Intelligence and reorganized the office to 
improve its performance. 

6. The Department also previously recognized that the leadership of the laboratory could 
be strengthened by competing the M&O contract. And last July, a new corporate 
leadership team took over management of the laboratory for the first time in its 64 
year history. 

7. Finally, because it is our view that we are accountable to the President, the Congress, 
and the American people not just for efforts, but for results, the Secretary and I made 
the difficult decision to replace the Administrator of the NNSA. 

Only time will tell if we are to be successful. But the Secretary and I are committed to 
making the tough decisions required to lead our Department to a level of security 
performance befitting the great missions you have asked us to carry out. We have made 
progress in improving security across the Department and at Los Alamos, but as the latest 
incident indicates, we have much more work to do. We remain committed to the task. 

I am happy to answer your questions at this time. 

Summary of the Statement of Dr. Linda Wilbanks 
Chief Information Officer 
National Nuclear Security Administration 
U.S. Department of Energy 
Before the 

Committee on Energy & Commerce 
Subcommittee on Oversight & Investigations 

January 30, 2007 

Dr. Wilbanks’ testimony will address the cyber security incident at the Los Alamos National 
Laboratory (LANL) and the actions the National Nuclear Security Administration (NNSA) has 
taken to prevent additional incidents. 

It will include her responsibility within the NNSA Management Structure and 
background/qualifications of Dr. Wilbanks as the NNSA Chief Information Officer. 

NNSA Cyber Security Program Manager and the Director of the Diskless Workstation Taskforce 
immediately flew to Los Alamos with two members of the Department of Energy’s (DOE) cyber 
security team to identify the issues. 

Actions taken as a result of the incident include: 

• Requiring all NNSA sites to identify open ports on classified systems, and determine 
whether they needed to be open or could be permanently disabled. We purchased an 
enterprise license for software to monitor open port activity. All sites, including LANL, 
are now in compliance, with all ports that can be used to transmit data, sealed or 
monitored. 

• The Designated Approving Authority (DAA) is responsible for approving an IT system 
for operations by signing the cyber security plan that states how the system will be in compliance 
with NNSA and DOE policy. We have temporarily reassigned the DAA from the Sandia 
Site Office to LASO to strengthen the Federal cyber security oversight and inspection 
capabilities. All DAAs are to review all system cyber security plans and hold them 
accountable to ensure they address the specific risks of each system and to identify and 
rewrite plans with omissions such as those found at LANL. 

• NNSA increased funding to the Los Alamos Site Office to hire three cyber security 
experts to support the DAA and cyber security activities such as updating plans and doing 
visual inspections to ensure compliance. 

• NNSA assembled a team of eight cyber security experts from HQ and NNSA sites and 
have them inspecting all vaults at LANL to determine if they were in compliance with the 
Department’s directive to close ports. The team initially found areas of noncompliance, 
however, when reconvened on site this past week, they inspected all 142 vaults and all are 
now in compliance with cyber security requirements. 

• NNSA has further directed the team to inspect the cyber security implementation at 
all NNSA sites. Those inspections will start in February and conclude in April when the 
team revisits Los Alamos. 

Statement of Dr. Linda Wilbanks 
Chief Information Officer 
National Nuclear Security Administration 
U.S. Department of Energy 
Before the 

Committee on Energy & Commerce 
Subcommittee on Oversight & Investigations 

January 30, 2007 


Thank you for the opportunity to discuss the cyber security incident at the Los 
Alamos National Laboratory (LANL) and the actions the National Nuclear Security 
Administration (NNSA) has taken to prevent similar incidents at other NNSA sites. We 
have a very important national security mission and take these responsibilities very 
seriously. 

Within the NNSA, the Chief Information Officer reports directly to Mr. Michael 
Kane, the Associate Administrator for Management and Administration. As the CIO, I 
am responsible for information technology within NNSA. I came to NNSA after almost 
three years as the CIO at Goddard Space Flight Center, NASA. I have over 30 years 
experience in information technology with a bachelors degree in Mathematics, a Masters 
degree in Engineering, and a Ph.D. in Computer Science. My office works with the 
Department of Energy (DOE) CIO, Mr. Tom Pyke, and the NNSA sites to develop and 
implement appropriate cyber security policies. 

NNSA is dependent on information and upon the systems that create, process, 
store, and communicate information to carry out its national security mission. We must 
guard against a wide range of attacks from the sophisticated outsider who wishes to break 
into our cyber infrastructure as well as the accidental or malicious insider. As the NNSA 
CIO, I am responsible to the NNSA Administrator for cyber security, specifically policies 
and procedures to ensure the security of the information and technology as it relates to the 
NNSA mission, and to enhance NNSA's ability to protect NNSA’s classified, sensitive 
and unclassified information and systems. 

I would like to provide the Members of the Committee additional information 
relative to actions the NNSA has taken in response to the recent LANL incident. I will 
then address actions specific to LANL and those actions taken across the complex. 

When the most recent incident was reported, the NNSA Cyber Security Program 
Manager and the Director of the Diskless Workstation Taskforce immediately flew to Los 
Alamos with two members of the Department of Energy’s (DOE) cyber security team. 
Their objective was to learn as much as possible about the incident from the cyber 
perspective and determine if any of the contributing factors could put LANL or other sites 
at risk. In November, I flew to Los Alamos myself and spoke with both Federal and 
contractor cyber security personnel, who are responsible for the computer systems at Los 
Alamos, including the system in question. 

At Los Alamos we found that there was a cyber security plan in place for the 
system signed by the Designated Approving Authority (DAA) who is located at the 
Federal Site Office. However, upon review following the incident, my office believed 
that the plan was too generic and did not address specific risks to that system. For 
example, the plan stated that the cages containing the servers did not have to be locked as 
they were contained within a Vault Type Room and only authorized personnel were 
allowed in the room. The plan also allowed for scanning and for a printer to be connected 
to the classified systems even though there was no justified need to print. The server in 
question had accessible USB ports on the front and back that were not visible to the cyber 
security person in the room. These conditions allowed the subject in question to 
download classified data to her personal thumb drive. In order to move data to or from 
any of the servers, a password was needed. The subject in question only had the password 
to the server dedicated for scanning purposes, which was her assigned duty. This 
prevented her from accessing any information other than what she had been cleared to 
scan. We have since secured all USB ports at all NNSA sites and are reviewing all cyber 
security plans to ensure they address the specific risks for that system. This type of 
incident, the undetected transfer of classified information to a portable device, could no 
longer occur at any NNSA site. 

We have undertaken a number of actions in response to the recent incident at 
LANL to prevent this type of incident and strengthen the cyber security: 

o The DAA from the Sandia Site Office has been detailed to LANL to 
strengthen the Federal cyber security oversight and inspection capabilities. 

o Additional funding was provided to the Site Office to hire three contractors to 
support the DAA and cyber security activities. These contractors will be 
separate from the Laboratory contract. 


o At the request of the Los Alamos Deputy Site Office Manager my office sent a 
team of seven cyber security experts from HQ and NNSA sites to inspect the 
vaults to determine if they were in compliance with the Department’s directive 
to close ports. The on-the-ground team was able to verify that the lab was not 
in full compliance and because of that process we were able to initiate 
corrective measures. A team of federal cyber security experts went back to 
LANL on January 22 to re-evaluate the lab’s efforts for compliance. The 
initial reports from this second team are positive and indicate LANL has 
corrected the deficiencies previously identified. 

During the past year, NNSA has made changes to strengthen the cyber security 
posture of the complex and more recently addressed issues identified by the LANL 
incident. 

• In early 2006 a Designated Approving Authority (DAA) official was appointed to 
work at each site. The DAA’s sole responsibility is dedicated to cyber security for 
their site. Prior to this change one person was responsible for many systems at 
several sites. This resulted in cyber security plans that were more generic, that did 
not address specific risks and incorporated minimal, if any site inspections being 
done to verify the system was following the plan. A dedicated DAA at each site 
will mitigate this vulnerability. 

• Since a contributing factor to the incident at LANL was the generic cyber security 
plan, the Site DAAs that have now been assigned to all sites are currently 
reviewing all system cyber security plans to ensure these plans address the specific 
risks of each system. This review will identify plans that may be generic and allow 
peripherals that are not required (i.e., printers) or insufficient security, (i.e., 
unlocked cages) or any other omission or lack of specifics in the plan such as 
those identified in the LANL vault security plan. A standard template for a cyber 
security plan has been distributed to ensure all plans contain the critical 
information required to thoroughly assess the risks associated with operating an IT 
system. Each site is responsible for making the plan specific for each system, and 
removing weaknesses. 

• In July, the NNSA Forensics Facility, Information Assurance Response Center 
(IARC) was assigned the responsibility for compiling all NNSA cyber security 
incidents and reporting them within the specified time periods to the Department’s 
cyber security incident response center. All Sites, instead of having to report 
incidences to multiple places, now report them only to the IARC. This ensures the 
correct reporting of cyber security incidents and allows NNSA to track and 
analyze incidents, which will result in better risk identification and overall cyber 
management. This comprehensive information has already provided us with 
valuable lessons on areas that need to be strengthened across NNSA. 

• In November 2006, as a result of the Los Alamos incident, we required all sites to 
identify all open ports on classified systems, and determine whether they needed 
to be open or could be permanently closed. We found that three sites had already 
identified this as a risk and were working on closure or had already closed the 
ports. (Deputy Secretary Clay Sell later issued a memo to implement this action 
for all of DOE by January 15, 2007.) We also purchased an enterprise license for 
software to monitor open port activity, an action that was in progress when the 
incident occurred. We have evidence that these actions are successfully working. 
On January 17, a personal thumb drive was inserted into a classified machine to 
upload work. The software successfully prevented the information from being 
uploaded to the classified machine and notified the system administrator. 

• My office has worked with the DOE CIO, Mr. Pyke, to identify areas where 
policies and procedures are needed to strengthen cyber security guidance and to 
issue them in a timely manner. Those new policies included establishing a 
governance framework (Departmental Cyber Security Management) and 
establishing baseline cyber security controls for national security (classified) 
information systems (National Security System Controls Manual). 

• We have set up a schedule for my office to inspect the cyber security 
implementation at all NNSA sites. Those inspections will start in February and 
conclude in April. Each inspection will last for one week. The inspection team 
will consist of two HQ cyber security personnel and a cyber security professional 
from another site. These inspections will occur annually and strengthen Site office 
oversight. They will also serve as refresher training for the DAA on what they 
should be inspecting at their sites. 

Cyber security programs are direct funded activities within Safeguards and 
Security line of the NNSA Weapons Activities appropriation. Funding allocation 
decisions are based on enterprise priorities and site risks. After my office identifies the 
risks and balances priorities for program initiatives, the Administrator takes the 
information into consideration with similar information from all other NNSA programs 
and makes overall resource allocation decisions across NNSA. In the current year, due to 
additional requirements placed on the sites in order to comply with the new policies and 
procedures, my office has reprioritized ongoing activities and reallocated $6M to cover 
these extra activities at the sites, of which Sl.OSM went to LANL. 

NNSA is responsible for over 70 percent of the classified networks within the 
Department. We take this responsibility very seriously and have made maintaining the 
security of the classified networks our highest priority to ensure there are no breaches. 

The Department is on schedule with the implementation of diskless workstation project, 
and completion is scheduled for September 30, 2008. NNSA fully supports the 
Department of Energy’s federated approach to cyber security that is directed in the 
recently updated Departmental order on Cyber Security Management, 205.1A. We are 
jointly working with the Department to maximize our efforts and resources to ensure a 
secure environment for the transmission and storage of our information. 

Mr. Chairman, NNSA is working very diligently to maintain a secure environment 
for our information and that of the Department. We work closely with our sites to 
identify the risks and we work closely with DOE to maximize our resources. We are 
moving ahead in many areas and we are making progress. 

CONTINUING SECURITY CONCERNS AT LOS 
ALAMOS NATIONAL LABORATORY 


FRIDAY, APRIL 20, 2007 

House of Representatives, 

Committee on Energy and Commerce, 
Subcommittee on Oversight and Investigations, 

Washington, DC. 

The subcommittee met, pursuant to call, at 9:30 a.m., in room 
2123 of the Rayburn House Office Building, Hon. Bart Stupak 
(chairman of the subcommittee) presiding. 

Members present: Representatives DeGette, Green, Doyle, Inslee, 
Dingell [ex officio], Udall, Whitfield, Walden, Murphy, Burgess, 
Barton [ex officio], and Wilson. 

Staff present: Chris Knauer, Richard Miller, Scott Schloegel, Ra- 
chel Bleshman, Lauren Bloomberg, Jodi Seth, Bud Albright, Alan 
Slobodin, Dwight Cates, and Matt Johnson. 

OPENING STATEMENT OF HON. BART STUPAK, A REPRESENT- 
ATIVE IN CONGRESS FROM THE STATE OF MICHIGAN 

Mr. Stupak. This meeting will come to order. Today we have a 
hearing on DOE’s response to ongoing mismanagement at the Los 
Alamos National Labs. Each member will be recognized for 5 min- 
utes for their opening statement, and I will begin. 

Los Alamos National Laboratories is home to many of our Na- 
tion’s most secretive weapons program, yet it is also home to some 
of the worst security breaches in our Nation’s history. This is our 
13th hearing on security problems at Los Alamos in just the past 
8 years. 

For 63 years, the University of California operated Los Alamos; 
but after numerous high-profile security lapses, the Department of 
Energy was urged to competitively bid the contract for operation of 
LANL. In June of last year, University of California was again 
awarded the contract under a limited liability consortium known as 
Los Alamos National Security, or LANS. This committee anxiously 
awaits proof that this new contractor will result in significant 
changes in Los Alamos and not just put new drapes over a broken 
window. 

At our January 30 hearing, we investigated the October 2006 
case of classified documents that were removed from Los Alamos 
by a contractor. We learned at that hearing that the security lapse 
would probably have not been discovered if it had not been for a 
domestic disturbance at the contract employee’s home. The result- 
ing investigation led to the discovery of drug paraphernalia and the 
discovery of classified paper and electronic files at the residence. 

The female contract employee was not adequately watched by her 
escort. The employee also had access to open ports on classified 
computers which enabled her to download and remove classified 
documents. 

We heard the Department of Energy’s Inspector General testify 
in January that they do not know how much other classified infor- 
mation may have been removed using this gaping hole in security. 
We don’t know where this classified material has ended up. We 
hope to learn the answers to these questions from the FBI’s inves- 
tigation, but they will not brief members until their investigation 
is complete. 

Many of the members of this committee were shocked that the 
National Nuclear Security Administration, NNSA, approved a secu- 
rity clearance for this employee, even though she admitted using 
illegal drugs within 30 days of her security clearance being ap- 
proved. We were equally shocked at the fact that there was no fol- 
low-up evaluation or testing of this individual after she was grant- 
ed her security clearance. Apparently, her promise not to use drugs 
in the future was good enough for NNSA. 

This security breakdown took place against a backdrop of pre- 
viously degraded security performance. In 2006, the Department of 
Energy, Office of Health, Safety, and Security, documented sub- 
stantial substandard-to-failing performance in 14 of 17 key security 
areas at Los Alamos. You can see the 2006 report right over there. 
The poor grades were in categories such as classified matter, pro- 
tections and control, cyber security, and emergency management. 
Performance in 2006 had sharply deteriorated since the previous 
review in 2002 which had cited serious problems. I will be placing 
into the records summaries of these oversight reports. You can see 
them up on the screen now. 

[Slide shown.] 

In today’s hearing, I hope to focus on a number of issues includ- 
ing what is the Department of Energy’s system to issue classified 
security clearances? What led DOE to grant security clearance to 
an individual who admitted using illegal drugs within 30 days of 
her clearance being issued? What lessons are learned from this se- 
curity lapse? What steps have been taken to correct the security 
deficiencies in the Department of Energy and at Los Alamos so 
that we do not have to hold our 14th hearing later this year? 

At the January 30 hearing, DOE testified that the Secretary con- 
vened two task forces, one to examine cyber security and a second 
task force to look at personnel security issues raised by the latest 
security breach. Today we will hear the results of these task force 
reports. A key finding by the personnel security task force was that 
at least two additional employees admitted to illegal drug use in 
the 30 days prior to security clearance approval. Eighteen other 
employees had similar information in this 12-month period be- 
tween 2001 and 2002 thereby causing DOE to re-examine their se- 
curity clearances. 

We look forward to hearing what Secretary Bodman plans to do 
about this and other security problems his task force has uncovered. 
We also look forward to hearing how he plans to hold the contractors 
accountable. 

The Department of Energy has various tools, including enforcement 
action and reducing award fees to hold its contractors accountable. 
Nonetheless, this committee was disturbed to learn just 
this week that the Department of Energy apparently forgot to put 
legal requirements in its contract with the lab operator, the Los Al- 
amos National Security. These legal requirements would have obli- 
gated the contractor to comply with DOE’s stringent safeguards 
and security order known as DOE Order 470. This omission was 
discovered after the October 2006 incident which leaves open the 
question of whether the Department of Energy contracting officer 
may have handed Los Alamos National Security, the partner here, 
a get-out-of-jail-free card if and when DOE attempts to bring in 
enforcement action for multiple security violations associated with 
the October 6th incident. 

The committee wants to know when the Department of Energy 
learned of this contract omission. Was it before last hearing where 
DOE officials swore they had all the necessary tools to enforce this 
new security standard? If so, why weren’t we informed of this prob- 
lem? When was the committee going to be told about this issue and 
what plans has the Department made to fix it? 

After our January hearing, I, along with my Republican col- 
leagues, asked the Government Accountability Office to evaluate 
whether the security footprint at Los Alamos is simply too large to 
manage the classified information effectively. We also asked GAO 
to evaluate the possibility of consolidating and moving classified 
operations at Los Alamos to another lab such as Sandia where se- 
curity is managed more effectively. GAO is moving forward on this 
evaluation despite requests by some legislators to do an analysis. 

In addition, the committee is reviewing H.R. 703, legislation in- 
troduced on a bipartisan basis with my colleagues, Mr. Barton and 
Mr. Whitfield, to move responsibility for safety and security out of 
NNSA and place it under the direct control of Secretary of Energy. 
We would welcome hearing the Secretary’s view on this legislation. 
Secretary Bodman and his predecessors have come before this com- 
mittee with commitments to improve the security culture at Los Al- 
amos. Despite the creation of security czars and task forces, the 
end result has been a litany of security breaches and mismanage- 
ment. To say the least, the committee is skeptical. 

Today, Mr. Secretary, we want to know, what is different? Why 
are your proposals more likely to succeed when your predecessor’s 
proposals have not? What assurances can DOE give us that these 
new reforms will work? What resources, and from whom, will DOE 
look to pay for these new security measures at Los Alamos? I can 
assure you, Secretary Bodman and the American public, that the 
committee will continue its oversight at Los Alamos. I can also as- 
sure you that this oversight will continue just as it has in the past 
in a truly bipartisan basis. When it comes to Los Alamos and secu- 
rity at nuclear labs, this committee is united in its oversight. 

I appreciate the assistance and cooperation of my Republican col- 
leagues led by my friend, Mr. Whitfield, and his able staff. 

And with that, I would yield to the ranking member, my friend 
from Kentucky, Mr. Whitfield, for his opening statement, please. 

OPENING STATEMENT OF HON. ED WHITFIELD, A REPRESENTATIVE 
IN CONGRESS FROM THE COMMONWEALTH OF KENTUCKY 

Mr. Whitfield. Thank you, Chairman Stupak, and for today’s 
hearing to review ongoing security mismanagement at Los Alamos. 

Over the past decade, this subcommittee has established a rigor- 
ous tradition of strong, bipartisan oversight on DOE security mat- 
ters, and I am pleased that this committee has continued this tra- 
dition with its close attention to ongoing mismanagement at Los 
Alamos. 

The most recent security incident, which occurred last October, 
resulted in the loss of over 1,500 classified documents. As I pointed 
out at the January hearing, this incident demonstrates poor secu- 
rity management, lack of formality of operations, and insufficient 
oversight that has plagued the lab for decades. Dramatic new ideas 
from the Department, from LANS, and from Congress are needed. 

At Los Alamos, the security environment is certainly challenging. 
Operations are spread out over a 43-square-mile area. The lab has 
approximately 15,000 employees. There are more than 2,000 classi- 
fied computers and 1,774 separate security areas. To give perspec- 
tive, there are more classified security areas at Los Alamos than 
there are total rooms in the Rayburn, Cannon, and Longworth 
House Office Buildings combined. Los Alamos has an unnecessarily 
large volume of classified information and conducts classified ac- 
tivities in too many areas involving too many people. These factors, 
including the geographical dispersions of activities, continue to 
make LANL susceptible to security failures. 

At the last hearing, I stated that LANS must be held accountable 
for the loss of classified documents last October and that it should 
pay a price. The Department of Energy must assert its contract 
and regulatory authorities to compel greater security performance. 
The Department has three primary tools to help compel perform- 
ance, the enforcement of new information security relations with 
strong, civil penalties; the withholding of incentive pay associated 
with security performance; and three, the use of the conditional 
payment of fee clause in the contract that allows the Department 
to withhold up to 100 percent of the award fee. 

The Department has not yet finalized how they will use these en- 
forcement tools, but I know members of the committee and in the 
Congress will be quite interested in what the final decision will be. 

Six months have elapsed since the October 2006 security inci- 
dent. That is a reasonable amount of time to allow NNSA and 
LANS to formulate a plan to help improve security at the site. 
Later today, we will hear from Lab Director Michael Anastasio on 
the remedial actions he has taken to correct security failures. I 
think Director Anastasio’s efforts to date appear to be more respon- 
sive than what we’ve seen in the past. I am encouraged by his ini- 
tial steps to reduce the number of classified vaults at Los Alamos, 
and I think LANS has already implemented a few valuable cyber 
security improvements at the site. However, it is too soon to say 
whether these actions are simply short-term fixes or a commitment 
to long-term security improvements. I am delighted Secretary 
Bodman has joined us today, and we certainly look forward to his 
views on this very important issue. And thank you, Mr. Chairman. 
I yield back my 1 minute. 

Mr. Stupak. Thank you, Mr. Whitfield. Next, turn to the Chair- 
man of the full committee, Mr. Dingell, for an opening statement, 
please. 

The Chairman. Mr. Chairman, I thank you, and I commend you 
for holding this hearing. Mr. Secretary, welcome. 

Secretary Bodman. Thank you. 

The Chairman. I hope your visit here is pleasant here today. 

Secretary Bodman. So do I. 

OPENING STATEMENT OF HON. JOHN D. DINGELL, A REP- 
RESENTATIVE IN CONGRESS FROM THE STATE OF MICHI- 
GAN 

The Chairman. Mr. Secretary and my colleagues, today’s topic is 
sort of as what is observed as deja vu all over again. The security 
at the Energy Department labs, in particular the one we are dis- 
cussing today, Los Alamos National Laboratory, is an issue with 
which this committee has been involved for more than two decades. 
Our colleagues on this committee and I could produce stacks of let- 
ters and piles of hearing documents relative to the question of secu- 
rity breakdowns at the Department of Energy and at this unfortu- 
nate laboratory in particular. Likewise, we could display a small 
mountain of proposals and promises made by lab directors, blue- 
ribbon panels, task forces, Secretaries of Energy, and yes, even a 
few Presidents to fix the security problems at the labs. 

You, Mr. Secretary, are no different than your predecessors, and 
you inherited a fine mess out there. You have proposed a number 
of changes and recommendations to fix the problems, and we com- 
mend you for that; and you’ve convened blue-ribbon task forces to 
make these recommendations. For that we are appreciative. I am 
sure that we will hear about how everyone takes this matter of se- 
curity seriously. I am sure that in fact everyone is sincere about 
improving security; and I am certain that you, Mr. Secretary, will 
propose changes that will make sense. 

But before we claim victory in our battle to improve Los Alamos, 
we need to look closely at what is being proposed and whether in 
fact it differs from what has happened before or what has come be- 
fore. As President Reagan used to say, trust but verify. As my old 
daddy used to tell me, trust everybody but cut the cards. I would 
urge my colleagues to do that today. In this regard, I recommend 
you pay particular attention to the tools that you, Mr. Secretary of 
DOE, actually have to enforce the new security proposals. 

I understand that the Department’s ability to assess an effective 
fine has come into question in the light of information provided to 
the committee this week. The DOE officials who reviewed and 
signed the contract on behalf of the U.S. Government were the new 
contractors, Los Alamos National Security, apparently omitted the 
applicable safeguards and security orders for 13 months. This is 
hardly an auspicious way to start new reforms. Although legal im- 
plications of this omission are still unclear, it appears there is a se- 
rious question as to whether DOE is unable to cite the contractor 
for each and every violation of its security requirements. Appar- 
ently, applicable security requirements under DOE Order 470 were 
not inserted into the contract until after the violations were discov- 
ered. In fact, these requirements were not included in the contract 
until after January 25, 2007, a mere 5 days before our last hearing 
on Los Alamos. I am curious to know why this information was 
withheld from the committee until now. This is certainly not trust- 
ing and verifying. 

I hope the Secretary abides by this maxim, too. Mr. Secretary, 
do not trust everything that you are told. I would observe that we 
have been working on Los Alamos for a long time, and our prob- 
lems with security there have been substantial and have run all 
the way from penetrations by foreign countries into the security 
there to loss of valuable Government property to problems with re- 
gard to stings that were supposed to be held to address problems 
of narcotics sales inside the facility and, very frankly, also two 
other things including a curious event involving fornication in the 
guard towers out there. 

Mr. Secretary, I note with both respect and affection that you are 
not only requiring briefings from your staff regarding security and 
safety issues when you were there but that you also poked around 
the basements and nooks and crannies to assure that the situation 
with regard to security was going properly. Certainly, Mr. Sec- 
retary, we need that kind of approach today. I think we have to 
look beyond fines and penalties to fix the problems at Los Alamos. 
For that reason, along with my good friend, the chairman of the 
subcommittee, our good friends and colleagues in the minority, we 
have requested that the Government Accountability Office, GAO, 
conduct a comprehensive audit of Los Alamos to determine what 
functions are essential at that laboratory. Their report will inform 
us of the options available. 

Mr. Secretary, I hope that you will assist the committee and the 
GAO in this important study and in our efforts to improve security 
at Los Alamos and throughout your Department. I thank you for 
your presence here. I express to you my affection and respect and 
also the hope that you will have success in straightening up some- 
thing which has defied your predecessors in office in this matter. 

I want to thank all of our witnesses for appearing before us 
today; and you, Mr. Chairman Stupak, I want to express my par- 
ticular respect and gratitude to you for what you are doing. Thank 
you, Mr. Chairman. 

Mr. Stupak. Thank you, Mr. Dingell. Next we go to Mr. Walden 
from Oregon for opening statement, please. 

OPENING STATEMENT OF HON. GREG WALDEN, A REPRESENT- 
ATIVE IN CONGRESS FROM THE STATE OF OREGON 

Mr. Walden. Thank you very much, Mr. Chairman. And I, too, 
appreciate the continuing efforts in a bipartisan manner of this 
subcommittee to try to figure out how to provide full security at 
these labs. And Secretary, I want to welcome you as my colleagues 
have done and appreciate the work you’re doing on this. 

I noted in your testimony that you indicate that you feel like that 
significant progress has been made in security at Los Alamos and 
yet then you go on to say you’re still not satisfied. I would be curi- 
ous to know with only 20 months left in office, provided you’re 
there to the end, how are we going to get this thing resolved and 
do you think it is possible? We have had, as you know, multiple 
hearings over multiple years in both classified settings and non- 
classified settings and continue to chase this. And if anybody can 
get this fixed, I have confidence that you certainly have the com- 
mitment and the ability to get it done. So I will look forward to 
hearing that. Before I have held up the J. B. Weld which is the 
world’s finest cold glue I guess for households and hobbies. It is 
great for farm machinery and equipment. It is also $4.99 at Wal- 
Mart and was used I believe to plug something in the order of 
7,200 USB ports at Los Alamos but only after there had been about 
a year of security breach. It seems to me that for $4.99 you can 
fix this problem. Maybe it wouldn’t cost that much more to fix the 
whole thing. But it has been very disturbing that data can come 
and go in and out of the lab, and the most recent examples are 
very frustrating for us and I am sure for you, Mr. Secretary. 

So we welcome you here today. We look forward to hearing your 
comments, and unfortunately they tell us we are going to have a 
long series of votes beginning in about 9 minutes. So I am going 
to quit and return the balance of my time and look forward to your 
comments. Thank you, sir. 

Secretary Bodman. Thank you, sir. 

Mr. Stupak. Thank you. Mr. Green from Texas, opening state- 
ment? 

Mr. Green. Mr. Chairman, I’ll just welcome the Secretary and 
submit an opening statement for the record. 

Prepared Statement of Hon. Gene Green, a Representative in Congress from 
the State of Texas 

Mr. Chairman thank you for calling this hearing. 

I would also like to thank our witnesses, including Secretary Bodman and Los Al- 
amos Director Anastasio for returning here a couple months after our last hearing 
to provide us with a status report on ongoing security measures at Los Alamos Na- 
tional Lab. 

Given the situation at the national laboratory system, congressional oversight is 
a necessity. 

Security can be high tech, involving counter-measures for computer hackers and 
electronic warfare, or it can be very low-tech, such as old-fashioned human intel- 
ligence. 

The national laboratories, particularly Los Alamos, have had problems with both 
issues, as we see in the reports on Personnel Security and Cyber Security that the 
Inspector General has produced. 

On the personnel front, this committee is going to be very interested in the ongo- 
ing review of security clearances and background checks for all employees in the 
DOE national security complex. 

We are pleased to see a full review over issues like drug history and the imple- 
mentation of new drug testing measures. 

In addition, we need to ensure the security clearance review is not only looking 
at narcotics, since there can be many other security risks as well. 

If people working on sensitive national security projects have any kind of major 
criminal activity or other issues that could make them a security risk, then DOE 
needs to know about that. 

Often the lab has taken a reactive security approach, going from one crisis to an- 
other trying to prevent the same thing from happening again. 

We need a proactive approach that thinks ahead to what other kinds of security 
breaches COULD happen, but haven’t happened yet. 

On the cyber security front, our committee is looking for a full update on issues 
like sealing open USB ports in lab computers, disabling dual use computer ports, 
and securing racks of computers with sensitive national security information. 

Personnel security and cyber security are related, because sometimes it is just as 
important to know who is on the computer system as it is to know who is actually 
handling bomb-grade radioactive materials. 

Mr. Chairman, with that I would like to yield back so that we may get to the 
question time for the witnesses. Thank you. 

Mr. Stupak. Mrs. Blackburn from Tennessee. 

OPENING STATEMENT OF HON. MARSHA BLACKBURN, A REP- 
RESENTATIVE IN CONGRESS FROM THE STATE OF TEN- 
NESSEE 

Mrs. Blackburn. Thank you, Mr. Chairman. I do want to thank 
you for holding the hearing and thank you and our ranking mem- 
ber, Mr. Whitfield, for the work on the issue; and I want to thank 
our participants for being here on what looks like is going to be an 
interrupted day. And before we begin the hearing, I do want to give 
a little bit of an overview of how I see things and how I think a 
lot of people that are looking at this with us see things. 

It seems that, and we all know and it is frustrating, there is a 
systemic problem with management at Los Alamos, and for several 
years the culture of — has seemed to persist. It has gone on without 
seeming to have a lot done about it, and I see no significant efforts 
by NNSA or the DOE to change the culture; and I come to this de- 
cision by reading the reports that you have given us. I am partially 
relieved to see that the previous organization which appeared to be 
incompetent in so many different areas, that they have been re- 
placed; and I have several concerns about the new operator and we 
will address those in questions. And from time to time, I think we 
see new policies that are brought forward; and Mr. Secretary, we 
hold great hope for you that new policies this time are actually 
going to do something to correct the problem, that there will be 
timelines, that there will be guidelines and some accountability 
measures that are there. I think all too often we see that people 
admit there is a problem, they find the problem; but unfortunately, 
they do not seem to have the desire to correct the problems, and 
that is the situation in which we find ourselves right now. Not cor- 
recting the problems it appears to me to each employee would be 
a disservice to their personal record, it would be a disservice to the 
administration, it is definitely a disservice to the American people. 
It is something that I hope we hear from the director and also from 
you, Mr. Secretary, that it is no longer going to be tolerated and 
that you can give us some measurables and some quantitative 
data that will prove to us that changes are indeed taking place. 

We are hopeful for your progress, and I yield the balance of my 
time. 

Mr. Stupak. I thank the gentlewoman. We will next move to the 
gentlewoman from Colorado, Ms. DeGette. 

OPENING STATEMENT OF HON. DIANA DEGETTE, A REP- 
RESENTATIVE IN CONGRESS FROM THE STATE OF COLO- 
RADO 

Ms. DeGette. Thank you very much, Mr. Chairman. We were 
trying to count the number of these Los Alamos hearings that 

Mr. Stupak. Thirteen. 

Ms. DeGette. Thirteen? And those are all the ones we have been 
sitting in together plus the visit down there. Secretary Bodman, I 
am delighted to see you today; and I am really glad you came be- 
cause I think that resolving these problems is going to have to 
come from your level, and I know you have got that commitment. 
So I am pleased. 

I am going to submit my whole statement for the record because 
frankly I am really tired of saying the same thing over and over 
again and emoting about what a disaster it is down there, and this 
latest incident with the employee who apparently had problems 
with her security credentials and then she takes critical documents 
on a flash drive and then she gets busted for drugs, it just boggles 
the mind. And it goes on and on. 

But there are some really important legal questions that we have 
heard about in recent days that add yet a new dimension that I 
haven’t even whined about once because they just came to light 
and that is about the contracting procedures at the Department of 
Energy. The committee has learned that the management contract 
signed by the Department and with great fanfare I may add lacked 
key components that allow penalties to be assessed when DOE se- 
curity procedures are not followed; and because those orders were 
inadvertently omitted from the contract, so have the security 
breaches we have seen could go unpunished which frankly just un- 
derscores the cavalier attitude really that a lot of people take to- 
ward security at what should be frankly our most secure facility. 

So here is the big picture. The American people need to know 
that management at Los Alamos, which comes from a lucrative, 
multi-million dollar contract, is top notch. That hasn’t been the 
case, far from it. And all of our constituents need to have the con- 
fidence that if managerial negligence is found, if security breaches 
do occur, and if specific DOE procedures are not followed, then 
there will be severe consequences. That hasn’t been the case, ei- 
ther. Enforcement so far has amounted to a slap on the wrist, and 
I think we all agree that is not acceptable. So there will be several 
questions I will be exploring today, what went wrong with the con- 
tracting procedures at DOE, how could these omissions have oc- 
curred, has this compromised the Department’s ability to enforce 
its rules and assess penalties, and what is being done to ensure 
that this does not happen again? 

Thank you, Mr. Chairman. I look forward to this hearing, and I 
am sure there will be many more. I yield back. 

[The prepared statement of Ms. DeGette follows:] 

Rep. Diana DeGette 
Opening Statement 



The Department of Energy’s Response to Ongoing 
Mismanagement at the Los Alamos National Labs 


Subcommittee on Oversight and Investigations 
Committee on Energy & Commerce 
April 20, 2007 


Thank you, Mr. Chairman. I appreciate your continued 
diligence in scheduling hearings on this issue. This committee 
has an important oversight role over the Department of 
Energy and specifically the Los Alamos National Lab. 

It’s good to see you again, Secretary Bodman. Thank you for 
your willingness to appear this morning. I am also pleased to 
welcome back Inspector General Friedman and Mr. Michael 
Anastasio, the director of Los Alamos National Labs. 

In January, I was shocked to learn about the latest security 
breaches at Los Alamos. That a young staffer lacking proper 
security credentials was able to leave the facility with critical 
documents on a flash drive is unacceptable. Sadly after eight 
years of hearings, it is apparent that this is not an isolated 
incident but rather a systemic lack of management and 
proper security precautions. 

Since our last hearing, more information has come to light, 
specifically about the questionable personnel security 
procedures and cyber security (or lack thereof) at the facility. 

I hope to learn today if the hiring practices and security 
screening of applicants is appropriate for a facility that 
provides stewardship of our nation’s nuclear weapons 
stockpile. 

Cyber security is a growing threat, and I am tired of being told 
by witness after witness that the problems are being fixed when 
they clearly are not. The Department and the lab management 
need to transform security systems so they are not constantly 
reacting to the latest security breach, but being proactive. 

I look forward to hearing about what the DOE has found in its 
recent investigations into these two important issues. 

Finally, there are some important legal questions that have 
arisen in recent days about the contracting procedures at the 
Department of Energy. This committee has learned that the 
management contract signed by the Department, (with great 
fanfare, I might add) lacked key components that allow 
penalties to be assessed when DOE security procedures are not 
followed. Because these orders were inadvertently omitted 
from the contract, some of the security breaches we have seen 
could go unpunished. 

Mr. Secretary, I hope today you can shed some light on this 
murky legal question. 

Here’s the big picture: the American people need to know that 
management at Los Alamos, which comes with a lucrative, 
multimillion dollar contract, is top notch. That simply hasn’t 
been the case; far from it. And my constituents should have 
the confidence that if managerial negligence is found, if 
security breaches occur, if specific DOE procedures are not 
followed, that there will be consequences. That hasn’t been the 
case either. Enforcement thus far has amounted to a slap on 
the wrist, and that’s not acceptable. 

There are several questions I will be asking today. What went 
wrong with the contracting procedures at the DOE? How 
could these omissions have occurred? Has this compromised 
the Department’s ability to enforce its rules and assess 
penalties? What is being done to ensure this doesn’t happen 
again? 

Thank you again, Mr. Chairman. While I look forward to this 
dialogue today, I hope we’re nearing the end of this committee’s 
investigations of Los Alamos. 

Mr. Stupak. I hope not but I am afraid there will be. Mr. Mur- 
phy, opening statement, please. 

Mr. Murphy. Thank you, Mr. Chairman. I will waive in interest 
of time, but I would like to welcome the Secretary for being here. 
Thank you. 

Mr. Stupak. Thank you. Mr. Doyle from Pennsylvania, opening 
statement, please? 

OPENING STATEMENT OF HON. MIKE DOYLE, A REPRESENTA- 
TIVE IN CONGRESS FROM THE STATE OF PENNSYLVANIA 

Mr. Doyle. Thank you, Mr. Chairman. I want to commend you 
for your continued vigilance on this important matter. 

The protection of classified documents and information at our na- 
tional labs, especially at Los Alamos National Lab, is critical to en- 
suring that we are able to protect the American public against 
those who may intend to do us harm. The frequent security 
breaches at this and other labs are completely unacceptable. I am 
looking forward to hearing the testimony of Secretary Bodman and 
his colleagues as we work together to ensure our nation’s classified 
nuclear information remains protected. 

It is no secret that there are and have been over a number of 
years serious security questions at the Los Alamos National Lab. 
Thankfully, most of these breaches have been of an accidental na- 
ture due to inadequate security breaches being in place. In essence, 
the breaches have served as a wake-up call to all of us. I shudder 
to think what may have occurred had the breaches been the result 
of a well-thought-out and intentional plan to secure classified infor- 
mation for sale on the black market. We have been lucky so far. 
But if security there is not made ironclad, our luck will surely run 
out. 

I am looking forward to hearing about the improvements that 
have been made since October 2006 investigation, as well as what 
improvements have been made since our last hearing on this mat- 
ter in January. I am so very interested in being able to judge the 
level of commitment to security improvements, not only on the 
ground at the site but all the way to the Secretary’s office. I believe 
it is critical that the Secretary maintains his vigilance, not only on 
this particular incident but on the entire security systems under 
his purview. 

One thing is clear, when it comes to the long history of violations 
at Los Alamos, an intensive, short-term focus which trails off once 
the media focuses on another subject, will only lead to future con- 
cerns at the lab. We on this committee, those in the administration, 
and those on the ground at the labs must continue to shine a light 
on security while working together to ensure that procedures are 
updated so that the facilities are not only more secure today but 
will become even more secure with the passage of time. 

Former Secretaries of Energy have come before Congress with 
promises of new security; but for one reason or another, they have 
fallen short and violations have continued. Now this matter falls to 
you, Secretary Bodman. We on this committee hope to work closely 
with you so that you will succeed where your predecessors have 
failed. Security, especially nuclear security, is not a Democratic or 
Republican issue, it is an American issue in which all branches of 
Government and both political parties must work hand in hand to 
ensure that the American people have the protections in place they 
deserve. We must renew this focus today and continue to fully and 
completely protect our facilities and the critical information they 
possess at both the physical and cyber levels. Anything less opens 
our nation to dangers that none of us even want to believe could 
happen. 

So again, Mr. Chairman, I commend you for your continued vigi- 
lance. I will look forward to hearing the testimony of our distin- 
guished panelists, and I yield back the balance of my time. 

Mr. Stupak. Mr. Burgess. 

OPENING STATEMENT OF HON. MICHAEL C. BURGESS, A 
REPRESENTATIVE IN CONGRESS FROM THE STATE OF TEXAS 

Mr. Burgess. Thank you, Mr. Chairman. I guess I am glad we 
are here today. Like everyone else, I am frustrated that we never 
seem to make any forward motion on this. It is a bipartisan issue. 
We all share the same concern and anxiety regarding security at 
the lab. I appreciate the aggressive nature the committee has 
taken on the crucial issue of national security. 

We have three witnesses today that can provide insight into the 
problems and hopefully solutions to the Los Alamos problems. Sec- 
retary Bodman, Inspector Friedman, Director Anastasio, gentle- 
men, I welcome you all here today and I look forward to entering 
into a constructive discussion with each of you. I understand that 
there have been improvements made, but there are still many, 
many challenges ahead of both you and us. 

Today we are going to be reviewing the findings of both the per- 
sonnel security task force and the cyber security task force. I am 
encouraged by reading about the task forces, but unfortunately, we 
have been told in the past that actions and repercussions will occur 
but they never do. That is why we have held hearing after hearing, 
year after year, on Los Alamos. To quote the Inspector General in 
his written statement, “Many of the actions are in process and the 
key to the successful resolution of the matter is detailed in our No- 
vember report, its implementation and execution.” Implementation 
and execution. You all have good ideas that will significantly affect 
the security of Los Alamos, but it is not enough for us to come here 
and hold these hearings and talk and talk and talk about it. One 
of these days someone is going to have to walk the walk. I am still 
not completely comfortable with using basically the same contrac- 
tor for operating Los Alamos. I do believe that Director Anastasio 
was capable and qualified to help turn things around but also men- 
tioned during the last hearing, you have some of the most intel- 
ligent minds in the world at work at Los Alamos. While there is 
clearly an institutional problem, we must also remember that there 
are thousands of hard-working employees at the lab who make a 
remarkable contribution to science and the country on a daily 
basis. 

Also at the last hearing, we discussed the issue of accountability. 
It is appropriate to readdress that issue today. While there are 
many organizational changes that can be made to better ensure the 
security of our country’s classified information, one of the easiest 
and most effective remedies is to make the contractor in charge of 
security pay a steep and deep penalty. As a steward of the tax- 
payer dollar, I fully support this idea. If the contractor is penalized 
substantial sums, and in Washington substantial sums are sub- 
stantial sums of dollars, maybe then they will finally recognize how 
serious of a problem this is and must be stopped at all costs. 

One of the other things we learned at our hearing earlier this 
year was the fact that although the contract for the lab had been 
rebid and re-awarded, that that process could be opened again if 
there were substantial problems encountered. I would submit to 
you that it appears that there are substantial problems, but I 
would like an update on whether or not the Department of Energy 
is going to hold the contractor accountable for his actions or lack 
thereof, if there is going to be a reopening of the contract that was 
awarded the past year. 

I have also another issue within the Department of Energy that 
I think is appropriate to briefly mention and discuss. I understand 
that there is a strike occurring at a nuclear security weapons plant 
in my home State of Texas, the Pantex facility, and I would appre- 
ciate it if Secretary Bodman would give us a brief update on that 
issue and the impact of security at the plant. 

Again, Mr. Chairman, thank you for holding this bipartisan hear- 
ing in which we can further address the security at Los Alamos. 
We are all committed to continuing these hearings until this cycle 
of security breaches at Los Alamos is over once and for all. 

I yield back. 

Mr. Stupak. That concludes the opening statements. For the 
record, Mrs. Wilson is here from New Mexico and so is Mr. Udall, 
not members of the subcommittee but we welcome you, and I know 
you have been at every hearing we have had on this, Tom; and you 
certainly can be here when we go to the questions, and we will cer- 
tainly give you an opportunity to ask questions if you like. 

So that concludes the opening statements by members of the sub- 
committee. I will now call our first witness to come forward. Our 
first panel we have The Honorable Sam Bodman, Secretary of the 
U.S. Department of Energy. Secretary Bodman, it is the policy of 
the subcommittee to take all testimony under oath. Please be ad- 
vised that witnesses have the right under the rules of the House 
to be advised by counsel during the testimony. Do you wish to be 
represented by counsel? 

Secretary Bodman. No, sir. 

Mr. Stupak. OK. 

[Witness sworn.] 

Mr. Stupak. Mr. Secretary, you are under oath. You may begin 
your opening statement, please. 

STATEMENT OF HON. SAMUEL W. BODMAN, SECRETARY, 
DEPARTMENT OF ENERGY, WASHINGTON, DC 

Secretary Bodman. Mr. Chairman, Ranking Member Whitfield, 
members of the subcommittee, I am very pleased to be here to dis- 
cuss what I consider to be one of the most pressing management 
issues confronting my Department. 

Since coming to the Department, one of my top goals has been 
to institute a safer, more secure work environment across the DOE 
complex, and I have meant this to include physical safety and secu- 
rity as well as cyber security. I want to be absolutely clear with all 
of you, the protection of sensitive information is essential to our 
ability to meet the mission of this Department. Without it, we can’t 
do it. 

What I would like to do today is to briefly outline the steps that 
we have taken since the Deputy Secretary testified before you in 
January. In summary, I would make two points. First, we have 
made significant progress in my judgment, and I am confident that 
we are on the right track. That being said, we are not satisfied 
with where we find ourselves today. We are sitting on top of this 
issue, we continue to look for ways to identify and correct any po- 
tential weaknesses. If I may, I would like to now describe some of 
the improvements and also note that more details appear in my 
written testimony which will be submitted for the record, if that is 
acceptable to the Chairman. 

First, we have made some senior management and oversight 
changes in response to the security breaches at Los Alamos. In 
January, I made what for me has been a very difficult decision and 
that is to replace the Under Secretary for Nuclear Security. Tom 
D’Agostino is the Acting Under Secretary and NNSA Adminis- 
trator. In addition, NNSA has reassigned the Los Alamos site office 
manager and has put one of its strongest managers, Daniel Glenn, 
in place as the Acting Manager. 

Further, Tom D’Agostino has requested that DOE’s Office of 
Health, Safety, and Security conduct annual inspections at Los Ala- 
mos for the next 3 years. This month, both NNSA’s Office of De- 
fense Nuclear Security and CIO will inspect LANL for cyber and 
physical security problems. In fact, the CIO has already been there 
and conducted her inspection. The site office will conduct annual 
and regular observations of the laboratory’s security program. 

I would just add that I continue to be in close contact with the 
senior leadership of the laboratory. In fact, I met with all of the 
national laboratory directors just last week in Chicago. At a depart- 
ment level, I have formed two teams of senior officials, including 
Under Secretaries, the Chief of Security, and our Chief Information 
Officer and asked them to make specific recommendations based on 
the report of the Department’s Inspector General who conducted 
his report at my request. I have directed that these recommenda- 
tions be implemented department-wide, including enhanced man- 
datory training for those involved in granting of security clear- 
ances; a strengthened departmental policy on drug testing that 
hold security clearances, everyone; better quality assurance over- 
sight for granting security clearances; and a revised organizational 
structure for our personnel security program that will ensure ac- 
countability. 

We are also taking actions based on the recommendations from 
our cyber security team. Those include mandatory separation of du- 
ties for critical positions, improved training for all individuals with 
cyber security responsibilities, and improved line management 
oversight. We are carrying out the Department’s new authorities 
related to assessing civil penalties for classified information secu- 
rity violations. At the same time, the laboratory’s current manage- 
ment contractor, LANS, is also taking corrective action of their 
own. Among other issues, LANS recognizes that the lab’s volume 
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of classified holdings is unnecessarily large, it is conducting in too 
many security areas, involves too many people, and is too spread 
out. As a result and with the approval of NNSA, they are aggres- 
sively reducing the number of locations where they hold and proc- 
ess classified matter. 

In closing, Mr. Chairman, let me say this. The men and women 
who work at our national laboratories are among the world’s most 
talented scientists and engineers. Since their founding, these lab- 
oratories have demonstrated again and again the tremendous 
power and terrific promise of science to help our nation solve our 
greatest challenges. But such a system cannot tolerate the kind of 
lapses in security that we have seen, be they in the physical or 
cyber realm. Protecting critical information and maintaining a vi- 
brant collaborative science culture are not in my judgment mutu- 
ally exclusive. Quite the opposite is true. In this case, you abso- 
lutely cannot achieve one without the other; and you continue to 
have my word that I will do everything in my power to support 
both objectives. The American people deserve no less. 

I would like to say, sir, that in my view, the objectives of this 
committee and all of the statements that I have heard made by the 
members of the committee are very consistent with my own feel- 
ings. We have a real problem here, and I think we have the oppor- 
tunity of working together to try to deal with it. Thank you very 
much. 

[The prepared statement of Secretary Bodman appears at the conclusion
of the hearing.]

Mr. Whitfield. Mr. Chairman, may I ask a procedural question 
before we begin our questioning? I know that we do have some in- 
formation, Official Use Only information, particularly relating to 
the rating summary for the Los Alamos plant and various areas, 
and in the past, whenever we’ve discussed Official Use Only infor- 
mation, we have either gone into executive session or a closed ses- 
sion or we have worked with the Department to agree on redacted 
material before we release anything to the public. I mean, that is 
one of the documents there. I know it has been partially redacted, 
but I would ask the chairman what his intent is on this issue relat- 
ing to Official Use Only. 

Mr. Stupak. Well, I thank the gentleman for posing the question. 
As you can see on the ratings summary, and we had it up during 
my opening statement, that was the most recent Los Alamos site 
office and lab rating summary. The broad categories are there, but 
the detailed areas of security have been redacted at the request of 
the minority and the majority; and the documents with more de- 
tailed information in there will not be released and have no inten- 
tions of being released, even the ones I think we have in Secretary 
Bodman’s book up there is all redacted. For the audience, the yel- 
low part there is probably about a C-minus if we are grading this. 
Green is maybe a B. That’s good. R is really bad. I guess that is 
what R stands for, really bad. In 1999, the report was better than 
this and we seem to be on a downhill slope. So I am sure there will 
be questions about it, but there are no details in there. What does 
emergency management, that is the broad category or cyber secu- 
rity, but we do not have any details in there nor do we intend to 
release any of those details. As you have said, they are for official
use, even though this committee or any member would have a right
to release it I believe in a hearing in the context of their official 
duties, but we are going to leave it like it is. 

Mr. Whitfield. Well, I appreciate 

Mr. Stupak. Not to hold you up. 

Mr. Whitfield. Yes, I appreciate that, Mr. Chairman. And I 
think all of us would stipulate that the grades that the Department 
has received on this are not particularly good, but I really appre- 
ciate your conveying that information. And I am assuming that is 
the only Official Use document that we have. So thank you very 
much. 

Mr. Stupak. If it would have had the details in, it would have 
been Official Use. Since it has been redacted, it is my understand- 
ing it is no longer Official Use. That document can be released. The 
ones that say Official Use with the details, there is no intention 
that I know of of anyone on this committee or myself or staffs of 
releasing that. Thank you. 

In order to proceed in a more orderly and efficient manner, I 
would like to propose and set up 5 minutes for each member for 
questions, that each member will have 10 minutes to use for ques- 
tioning during this hearing. Any objection? I see ranking member 
of the full committee, Mr. Barton, has just arrived. Before we go 
into questions, would you care to make an opening statement, sir? 

Mr. Barton. Thank you, Mr. Chairman, but I am a little bit late 
so to expedite the hearing, I know we have got some votes, so I will 
put my statement in the record. 

Mr. Stupak. Yes, we have nine votes coming up here. I don’t 
know if you want to do an opening before we do the votes and I 
don’t know if we want to get halfway through the questions and 
have to stop. 

Mr. Barton. No. 

Mr. Stupak. OK. Then we will proceed to questions. I will start 
off. 

Mr. Secretary, the Cyber Security Task Force calls for an inde- 
pendent oversight review of cyber security at Los Alamos this year. 
Your testimony calls for annual reviews. Is Los Alamos in compli- 
ance with all DOE directives regarding security as we sit here 
today? 

Secretary Bodman. No.

Mr. Stupak. In what areas are they still deficient? 

Secretary Bodman. Well, we have a number of recommendations
that have been put in place in the cyber security area, most nota- 
bly a systems manual that was delivered and made available to the 
contractors and with the stipulation that these be entered into the 
agreements with each contract. 

Mr. Stupak. So it is not entered into the contract? 

Secretary Bodman. They are in the process of being entered into
it. I think it was on the date of March 8 that the security manual 
was issued. They have 90 days in which to accomplish that, and 
we expect them to accomplish that by June 8. Now that will then 
put it in being a part of the contract. 

Mr. Stupak. Correct. 

Secretary Bodman. There will then be a period of time. I can
read through the various issues if you would like.

Mr. Stupak. When do you think the implementation will be?

Secretary Bodman. It is going to be a couple of years, sir, before
all of this is done because this calls for training, it calls for a 
change in the way we manage the entire cyber security responsibil- 
ities of the Department. 

Mr. Stupak. If it is going to be a couple of years, I think we will 
be having a 14th, 15th, and 16th hearing then. In summary, you 
were summing up and you said LANS, the new contractor who is 
in charge of this lab 

Secretary Bodman. Yes.

Mr. Stupak. You see them, might as well call them, 60 percent 
of LANS is University of California 

Secretary Bodman. No, sir, it is not, sir.

Mr. Stupak. OK. 

Secretary Bodman. Sir, it is not. The 60 percent is not California.

Mr. Stupak. OK. LANS is now in charge. 

Secretary Bodman. That is correct.

Mr. Stupak. Sixty-three years of U.C., now we got LANS. 

Secretary Bodman. That is correct.

Mr. Stupak. OK. LANS, if I heard you correctly at the end, 
LANS agrees that Los Alamos is too large, too many people, and 
too spread out is what you said at the end, correct? 

Secretary Bodman. They believe that the use of classified information,
that there are too many centers, we have too many classified
retrievable electronic media that are being used, and there is
a specific program that I am sure Director Anastasio will review 
with you for reducing those. 

Mr. Stupak. OK. As you know, we have asked the GAO to take 
a look at this. 

Secretary Bodman. Yes, sir.

Mr. Stupak. Not just in the cyber security but the whole foot- 
print out there because many of us feel the repeated security 
breaches at Los Alamos, because it is too large, too many people, 
too spread out, and when it takes years to implement policy, we do 
not feel real confident that the implementation and the policy will 
be completed in a timely manner and we will be back here again 
with more breaches. So if it is going to take years to implement security
agreements, that really bothers us.

Secretary Bodman. Well, some of it, sir, depends on budgets. In
other words, these will be costly, they will require the approval of 
this Congress in order to get sufficient funds to do what needs to 
be done. 

Mr. Stupak. So the taxpayers are going to pay for all these new 
security measures? 

Secretary Bodman. It will be perhaps shifted around from one
part of the organization to another, so I am not saying there will 
be a total increase in the budget but I am saying there will be a 
funding for this that is required. 

Mr. Stupak. Well, I don’t want to throw good money after bad, 
but we are a little concerned here when we learned this past week 
that the enforcement mechanism for LANS wasn’t even in the contract.
Now, 13 months later I guess it is inserted. So when I said
get-out-of-jail-free card, that is from the game Monopoly and this
is real money, not paper money. 

Secretary Bodman. I understand that.

Mr. Stupak. You have a monopoly when one entity you see has 
managed this lab for 63 years and still is part of LANS. And so 
we can’t be giving out get-out-of-jail-free, using taxpayer money,
and a management monopoly and we are back here all the time 
doing the same thing. 

Let me ask you this question. The Inspector General’s testimony 
said the Federal and contract managers need to manage the lab 
more aggressively and the Department and the lab must develop 
a regiment of compliance testing. However, it appears you are 
going in the opposite direction by using a pilot program at Los Ala- 
mos which is based on reduced Federal oversight and increased 
contractor self-assessment. Given the core weaknesses in security, 
safety, and the history of mismanagement, do you believe that re- 
duced Federal oversight is appropriate model at this time espe- 
cially when it is going to take near 3 or 4 years? 

Secretary Bodman. Of course not.

Mr. Stupak. Then why would you propose a test pilot program 
at Los Alamos? 

Secretary Bodman. I don’t understand what that is. I never
heard of it. 

Mr. Stupak. You have no idea? OK. All right. Secretary, is it 
true that during the investigation of the security incident the De- 
partment learned the subcontractor employee had taken an unse- 
cure cell phone into the vault at Los Alamos? 

Secretary Bodman. Yes, I heard that yesterday in preparation for
this hearing that there was some allegation of that, but I do not 
know anything about that. 

Mr. Stupak. We heard that some time ago. From the January 
hearing to now, we heard about this. We heard about the enforce- 
ment part of the contract not being there, now we hear about a cell 
phone. What are we going to hear about next? I thought we had 
this thing. 

Secretary Bodman. Mr. Chairman, I will repeat for you, sir.

Mr. Stupak. Sure. 

Secretary Bodman. I do have a record of truthfulness and integrity
in handling management matters. I do have a record of some
competence in handling management matters. Now, some of your 
statements, sir, in my judgment are not correct. They have the 
wrong premise. 

And I have attempted to correct those as we have gone along. 

Mr. Stupak. What is not correct? 

Secretary Bodman. So I will tell you, sir, that we are committed,
I am personally committed, to trying to improve the security situa- 
tion at Los Alamos. I frankly find myself in a position of some em- 
barrassment. Why? Because I did not personally ask the right 
questions in the early days of my tenure in this job, and the ques- 
tions might have been something along the line have all past Dec- 
larations of Secretaries been included in the policy that has been 
included in the contracts between this Department or between the 
NNSA and the contractor? The answer is no, they have not been. 
And so there are many things. Why haven’t we had a compulsory
drug testing program for all members who are cleared? We have
not had. We will now to the extent that we are able to do it. And
so I am just saying that there are a number of things that have been
done, and I am here to tell you that I am committed to trying to 
get it done but I also repeat I am somewhat embarrassed I didn’t 
ask all the right questions in the beginning. 

Mr. Stupak. Let me ask you, the January 30 hearing, did the 
Department of Energy know that they didn’t put the enforcement 
mechanisms, the DOE Order 470, in the LANS contract in Janu- 
ary? 

Secretary Bodman. I don’t know, sir.

Mr. Stupak. All right. 

Secretary Bodman. I learned about it about that time.

Mr. Stupak. About that time? 

Secretary Bodman. Yes, sir.

Mr. Stupak. And no one told us about it until last week? 

Secretary Bodman. That was about the time we learned about it.
I may have been a week or two earlier, but I just don’t know. 

Mr. Stupak. Well, last week is a lot different from January 30. 
That is quite a bit of timeframe. What about the cell phone inci- 
dent in the vault? You just learned about that, too? 

Secretary Bodman. I just learned that the allegation of the cell
phone in the vault. I don’t know of the truth. This is an investiga- 
tion, sir, that is still ongoing; and I would remind you on that, and 
so I am unable to comment on anything specific that I have heard. 
But I just tell you with respect to any questions about the cell 
phone, I have not heard about it before. 

Mr. Stupak. Well, when is your investigation anticipated then to 
be done? 

Secretary Bodman. It is not my investigation, sir. This is something
being handled by the FBI.

Mr. Stupak. OK. 

Secretary Bodman. So I can’t answer for them.

Mr. Stupak. So after the FBI is done and after they brief this 
committee, are you going to come back up to this committee then 
and tell us the facts of the investigation as you know it? 

Secretary Bodman. We will report to you the facts.

Mr. Stupak. Well, we would just as soon get them on the record 
so we don’t have to have more hearings, but this information keep 
dribbling out is not good. 

Mr. Secretary, let me ask you this. Was it a violation of DOE pol- 
icy, I am talking about DOE policy now, to approve a security 
clearance for an employee who admits to using illegal drugs in the 
30-day period prior to the approval of their security clearance? 

Secretary Bodman. I don’t know if it was a violation of DOE policy,
but it didn’t make any sense to do that, sir.

Mr. Stupak. OK. And in review, we have seen at least two other 
employees and 18 others who have what you call derogatory infor- 
mation in it who have received security clearance that probably 
based on derogatory information should not have received it or had 
used drugs within 30 days of receiving that clearance? 

Secretary Bodman. I don’t know what those were. I can tell you
that part of the recommendation on the improvements in the security
system for the Department involves a review of all of the clearances
that were provided

Mr. Walden. Mr. Chairman, can I ask a point of parliamentary 
inquiry? I thought you moved that we would reduce the amount of 
time for questions to 5 minutes? 

Mr. Stupak. Ten minutes we said. 

Mr. Walden. Ten minutes? OK. 

Mr. Stupak. Go ahead, Mr. Secretary. I think where you are 
going is the question I was trying to ask. The Department is going 
to implement the task force’s recommendation to review all 4,360 
security clearances 

Secretary Bodman. There are some 4,000 that we are in the
process of doing, and I expect to have that done during the balance 
of this season. I would guess during the summertime. 

Mr. Stupak. Thank you, Mr. Secretary. Mr. Whitfield for ques- 
tioning? We have 6 minutes left. 

Mr. Whitfield. I am going to take 5 minutes and then come 
back when — Mr. Secretary, before you came to the Department of 
Energy, and I know you have other Government experience, but 
you certainly had a reputation in the private sector as being a 
strong executive. And when you look at this situation, you hear a 
lot of comparison about Lawrence Livermore and Los Alamos; and 
we know that the University of California has been involved in the 
management of both of them for many, many years, for about 63 
years or so, and yet there doesn’t seem to be the problems at Law- 
rence Livermore as there is at Los Alamos. 

From your position as Secretary of Energy and experiences run- 
ning business, as a strong executive, why do you feel that there has 
been so much problems at one of these labs but not the other? 

Secretary Bodman. That is sort of a speculation on my part. I
guess I would cite for you, sir, there are significant differences be- 
tween the two institutions as to where they are located, geographic 
location, and getting the right management. In San Francisco is a 
very different matter than getting the right people to move to Los 
Alamos and to take on that assignment. So that would be one com- 
ment. 

Comment two, I think it goes back to the very history of the lab- 
oratory. There have been issues of security, if you read back the 
history of this, for 60 years and there has been a very challenging 
environment there because of the preeminence of science and less 
interest apparently at times in security responsibilities. The one 
you should really ask that question of is Mr. Anastasio who will 
testify next. And if I had to answer that question, he is the person 
I would ask. 

Mr. Whitfield. OK. 

Secretary Bodman. He has been at both places.

Mr. Whitfield. Who at the Department was responsible for 
overseeing the contract letting that LANS recently won and the se- 
curity requirements were omitted from that contract? Who in the 
Department was really responsible for negotiating that contract? 

Secretary Bodman. Ultimately, I am responsible, Mr. Whitfield
for the contract. You then go down through Linton Brooks who was
the Administrator and oversaw the activity that had that respon-
sibility, Tom D’Agostino who oversaw it. A lot of things went on if
I may say at that point in time. I also would add, this is the world
according to Sam and not anything else, I think that there will be 
ample opportunity whether or not there is the specific inclusion of 
specific arrangements in there for whatever penalties are deemed 
desirable by the enforcement actions to be implemented. 

Mr. Whitfield. Some people feel like the University of California 
has been involved in the management of this plant for 63 years; 
and there was a strong argument that maybe we need to just 
change it completely, and I know they are still a part of LANS. 

Secretary Bodman. Right.

Mr. Whitfield. Was there any discussion of that at the Depart- 
ment about maybe just a complete culture change by changing the 
major 

Secretary Bodman. Yes, there certainly was a discussion, and I
think that first of all it is important to recognize that there are 
very specific Federal procurement rules that apply that involve a 
Source Selection Officer and a Source Evaluation Committee that 
provides information for the Source Selection Officer, and these are 
all career employees. And so it is something that is done in order 
to prevent political interference with the ultimate decision. 

So I know there was a discussion of this general matter, but I 
would think that it is important to recognize that the team was 
recognized for the combined scientific excellence in the University 
of California and the management expertise of both Bechtel as well 
as BWXT and the Washington Group. 

Mr. Whitfield. Right. 

Secretary Bodman. Now, this group I will tell you, I have personally
dealt with this board on a one-on-one basis meeting with both
the chairman and the vice-chairman of the Board since this event 
occurred, I think it is fair to say this event caught them by surprise 
just as to how serious this matter was and is. They immediately 
dispatched their own people — I am sure Dr. Anastasio will review 
that with you — in order to review the situation. They found a very 
glaring failure in cyber security programs, they said about their 
own programs, over and beyond anything we are doing in order to 
try and deal with this. 

Mr. Whitfield. Well, Mr. Secretary thank you. We have about 
a minute left so I guess we need to get over and vote. 

Mr. Stupak. OK. So we have seven votes, so let us adjourn. We
should be back 11:15 or so. We will adjourn the hearing until then. 
How is that with you, Mr. Secretary? 

Secretary Bodman. Whatever you say, sir. I will be happy to

Mr. Stupak. Well, you got to remember 

Secretary Bodman. I got a limit as to how long I can stay the
rest of the day. 

Mr. Stupak. Yes, and unfortunately they give us seven votes 
right now. 

Secretary Bodman. I understand that and I honor that. I want
you to honor what time pressures I have, sir. 

Mr. Stupak. I understand. 

Secretary Bodman. Thank you.

Mr. Stupak. Thank you. The subcommittee stands recessed until 
11:15. 

[Recess.]

Mr. Stupak. a lot longer than we all thought. We thought we
had seven votes and it ended up being nine plus motions to recom- 
mit. 

Unfortunately, the Secretary, as he indicated, had a noon ap- 
pointment that he had to make and so we dismissed him. We may 
call him back at some time in the future. But had he been here I 
would have asked him again about DOE’s pilot oversight model at 
Los Alamos that he seemed to know nothing about. I would for the 
record like to read the general question I asked the Secretary about 
this pilot. My question was, Mr. Secretary, the Inspector General’s 
testimony said the Federal and contract managers need to manage 
the lab more aggressively in the Department and the lab must de- 
velop a regiment of compliance testing. However, DOE is going in 
the opposite direction by using a pilot program at Los Alamos 
which is based on reduced Federal oversight and increased contrac- 
tor self-assessment. Given the core weaknesses in security, safety, 
and the history of mismanagement, do you believe that reduced 
Federal oversight is the appropriate model at this time? If so, why? 
The Secretary claimed he did not know anything about this pilot. 
In fact, our staff has provided an official Department of Energy 
memorandum establishing this pilot specifically for Los Alamos. 

It is also my understanding that this pilot is well-known by other 
key officials including the Inspector General who is rather critical 
of it. I intend to ask the Inspector General, our next panel here, 
(a), if they know about the pilot and, (b), what concerns does he 
have about it. But now perhaps more importantly, I intend to ask 
the IG why, when this memo was signed by the former NNSA Chief,
Ambassador Linton Brooks, the Secretary would apparently know 
nothing of it. I find that troubling unto itself, and we will ask the 
Secretary in writing the same questions. 

We have had problems as you all know in the past with the head 
of the National Nuclear Security Administration not conveying key 
management information related to the Secretary. I wonder if this 
is yet another example. 

So we can move to our second panel so we can get these ques- 
tions out. I will now call our second panel of witnesses, the Honor- 
able Gregory Friedman, Inspector General for the Department of 
Energy, and Mr. Michael Anastasio, Director of the Los Alamos 
Nuclear Laboratory. 

It is the policy of this subcommittee, gentlemen, to take all testi- 
mony under oath. Please be advised witnesses have the right under 
the rules of the House to be advised by counsel during their testi- 
mony. Do any of you wish to be represented by counsel? Mr. Fried- 
man? 

Mr. Friedman. No. 

Mr. Anastasio. No. 

[Witnesses sworn.] 

Mr. Stupak. Thank you. The record should reflect the witnesses 
have replied in the affirmative. You are now under oath. Mr. Fried- 
man, we will start with you. Five-minute opening statement, sir.

STATEMENT OF HON. GREGORY H. FRIEDMAN, INSPECTOR
GENERAL, U.S. DEPARTMENT OF ENERGY, WASHINGTON, DC 

Mr. Friedman. Mr. Chairman and members of the subcommittee, 
I am pleased to be here at your request to testify in the concerns 
expressed in your April 5 letter regarding operations at the Los Al- 
amos National Laboratory. 

In January 2007 I testified before this subcommittee on the spe- 
cial inquiry conducted by my office regarding the diversion of clas- 
sified data from Los Alamos. Specifically at the request of the Sec- 
retary of Energy, we examined the efforts of the Department and 
its contractors to protect classified information and the steps that 
were taken to assure that only authorized individuals had access 
to such information. Our report on this matter was issued on No- 
vember 27, 2007. The Office of Inspector General found the security 
environment at Los Alamos is inadequate despite the expenditure 
of millions of dollars by the National Nuclear Administration to up- 
grade various components of the laboratory’s security apparatus. In 
particular to the cyber security control structure we found that cer- 
tain computer ports had not been disabled, classified computer 
racks were not locked, and some individuals were inappropriately 
granted access to classified computers and equipment to which they 
were not entitled. 

In many cases, laboratory management staff had not developed 
policies necessary to protect classified information, enforce existing 
safeguards, or provided the attention or emphasis necessary to en- 
sure protective measures were adequate. 

Some of the security policies were conflicting or applied inconsist- 
ently. We also found the laboratory and Federal officials were not 
as aggressive as they should have been in conducting security re- 
views and physical inspections. In short, our findings raise serious 
concerns about the laboratory’s ability to protect both classified and 
sensitive information systems. 

The OIG also reviewed certain aspects of the security clearance 
process in place for laboratory employees. We identified particular 
weaknesses associated with this program which were discussed in 
a closed-session of this subcommittee in January 2007. 

After this incident was discovered, Department and laboratory
management officials launched several efforts to identify and cor- 
rect and control deficiencies that certainly contributed to an envi- 
ronment which classified information could be removed without au- 
thorization. In particular, the Deputy Secretary directed an imme- 
diate review of policies and practices related to computer ports at 
each of the Departments’ facilities. Further, the Secretary estab- 
lished two high-level task forces to address our findings. The re- 
ports of the Secretary’s task forces and a list of the proposed direc- 
tive actions were provided to my office last week. Many of the cor- 
rective actions outlined by the two task forces are in progress. Im- 
plementation, deployment, and execution are key. If properly car- 
ried out, the corrective actions should improve classified operations 
at Los Alamos and could help prevent similar incidents at depart- 
mental facilities throughout the complex. 

As I have testified on several occasions, the Department must do 
a better job addressing the recurring challenges it faces, and I have 
four or five specific suggestions. Number 1, with regard to the current
matter, the Department must ensure that all actions and recommendations
outlined in the Task Force Reports are formalized
into policy and adopted as practice throughout the Department. As
part of that effort, these policies should be incorporated into all facility
contracts.

Two, to achieve the recommended reforms, the Department must 
establish firm schedules with specific implementation timelines 
and performance metrics. No. 3 both Federal and contractor offi- 
cials need to manage more aggressively. As part of that process, 
the Department needs to ensure that its Federal contract manage- 
ment function is adequately staffed with the appropriate skill mix. 
In addition, Department and laboratory officials must develop a
more comprehensive regimen of compliance testing and follow up 
to ensure that security policies and procedures are rigorously fol- 
lowed. Individuals and institutions, both Federal and contracted, 
must be held accountable for failure to follow established security 
measures. As it has begun to do so in response to the most recent 
Los Alamos incident, the Department should emphasize that the 
failure to properly protect classified information and materials will 
have meaningful consequences.

Finally, consistent with our 2006 recommendation, we continue 
to believe the Department should perform a risk-based evaluation 
of cyber security funding at Los Alamos. The objective of this eval- 
uation would be to ensure that the resources are available for com- 
plete implementation of the revised cyber security policies and pro- 
cedures. 

For the past 5 years we have identified both cyber and physical 
security as pressing management challenges. For these reasons and 
because of the recent incidents, the Office of Inspector General con- 
tinues to be concerned about the security across the Department of 
Energy complex. We have ongoing activities to examine information 
technology and system security, implementation to revise security 
measures, disposal of sensitive property, and issues related to pro- 
tective force training. 

In addition to our ongoing work, the full committee in January 
2007 requested that the GAO examine the security of the Depart- 
ment’s unclassified and classified information networks and its 
cyber security programs. My office coordinates closely with GAO on 
reviews of the Department, and we are hopeful that the assessment
requested by the committee will provide recommendations leading 
to a strengthened agency-wide security posture. My office continues 
to conduct audit inspection investigative work that complements 
the reviews requested by the committee. 

Mr. Chairman, this concludes my statement. I would be pleased 
to answer any questions you may have. 

[The prepared statement of Mr. Friedman appears at the conclu- 
sion of the hearing.] 

Mr. Stupak. Thank you, sir. Next we will hear from Mr. 
Anastasio for 5 minutes. 

STATEMENT OF MICHAEL R. ANASTASIO, DIRECTOR, LOS
ALAMOS NATIONAL LABORATORY 

Mr. Anastasio. Good afternoon, Chairman Stupak, Ranking 
Member Whitfield, and other members of the committee. Thank 
you for the opportunity to update you on our progress. 

As you know, I am Michael Anastasio, Director of the Los Ala- 
mos National Laboratory since June 2006 and president of the Los 
Alamos National Security, LLC. 

I am pleased to report that we have continued to make signifi- 
cant progress on many fronts since I last addressed this sub- 
committee 11 weeks ago. Today, in keeping with the subject of this 
hearing, I will focus on security; and I want to reiterate what I said 
at the last hearing, that I personally take the issue of security at 
Los Alamos very, very seriously. 

First, we have significantly reduced risks in both cyber and phys- 
ical security, and this includes reducing and consolidating classified 
holdings, per the subcommittee’s stated concerns. Second, we have 
taken actions to make policy clear and consistent and to change 
employee behaviors. And third, we are putting in place comprehen- 
sive corrective actions with a major focus on long-term sustain- 
ability. 

Here are some examples of the specific actions my management 
team, my Board of Governors, and I myself personally are taking 
to reduce risk. Starting with cyber security, we now have positive 
control over all our classified computer ports using a combination 
of software, physical locks, and tamper-indicating devices. All of 
our classified systems have been inspected and found to be compli- 
ant, and we have reduced the number of stand-alone classified sys- 
tems by 28 percent. 

As for physical security improvements, we have made our vault 
escort requirements clearer and tougher, for example, requiring the 
search of all belongings carried by those escorted both in and out 
of the vaults. By December, we will have reduced our accountable 
classified removable electronic media, known as ACREM, by 50 
percent. We have destroyed almost 1,500 classified parts and 500 
boxes of classified documents that we inherited. We have elimi- 
nated 14 vault-type rooms, a reduction of 10 percent, with more to 
come. 

In the area of policy and behaviors, we have uniformly trained 
our Information Systems Security Officers, our ISSOs, and are hir- 
ing senior ISSOs in all key organizations to provide consistency 
across the laboratory. 

We are clarifying and simplifying security policy. In addition to 
mandatory training, we will promote the right behaviors through 
active employee participation. For example, we have directly in- 
volved employees and worker-led security teams at multiple levels 
in our line organizations. 

On March 5, we launched an enhanced substance abuse program
where every newly hired employee is tested for illegal drugs
and every badge holder is now subject to random testing, regard- 
less of his or her clearance level. 

For long-term effectiveness and sustainability, we have begun 
constructing a super vault-type room, the first of its kind. This will 
allow us to consolidate and uniformly control classified information 
managed by security professionals. At the same time, it will give
authorized users efficient access to this information. I expect to 
complete construction of the first functional prototype this June. 
This project will initially allow us to close six additional vault-type 
rooms and reduce our ACREM libraries by one-third. By construct- 
ing additional super vault-type rooms, we will reduce the number 
of classified vaults to an absolute minimum consistent with our 
operational and mission requirements. 

We have also been careful to embed validation and verification 
regimes into our corrective action plans in order to sustain all of 
these efforts and to prevent any backsliding. Moreover, everything 
we are doing is being closely scrutinized, not only by Congress but 
by my own Board of Governors, by the DOE, NNSA, and other 
oversight bodies. I welcome that continuing scrutiny. It validates 
that we are heading in the right direction and keeps our eye on the 
ball. 

So in conclusion, Mr. Chairman, as I have testified previously on 
this issue, there are no silver bullets where security is concerned, 
but with these security enhancements and Board of Governors’ sup- 
port and oversight, we are aggressively moving Los Alamos in the 
right direction as we are in many other fronts vital to our success 
as a national security science laboratory. 

Thank you again for the opportunity to testify, and I am happy 
to take your questions. 

[The prepared statement of Mr. Anastasio appears at the conclu- 
sion of the hearing.] 

Mr. Stupak. Thank you both for being here, and we will start 
with questioning that will go for 10 minutes. I am glad to see Mr. 
Udall is still here. It is Friday, the votes are over for the week, ev- 
eryone has taken off, but Mr. Udall has great interest in this. He 
remains with us. Thank you again, Tom. 

Before we begin, Mr. Friedman, I indicated I was going to ask 
you the same question I put to the Secretary about your testimony 
that the Federal and contractor managers need to be more aggres- 
sive. In fact, you said that in your opening statement and the De- 
partment must develop a regimen in compliance. However, we 
seem to have this pilot program at Los Alamos which really would 
reduce Federal oversight, increase contractor self-assessment. Do
you believe that reduced Federal oversight is the appropriate model 
at this time? If so or if no, why not? 

Mr. Friedman. I do not, Mr. Stupak. We have been following this 
proposal for several years. 

Mr. Stupak. So you are familiar with this pilot project? 

Mr. Friedman. Yes. 

Mr. Stupak. And it has been around for a number of years? 

Mr. Friedman. Yes. 

Mr. Stupak. Is it site-specific to Los Alamos?

Mr. Friedman. Well, I am not the expert as to how they are rul- 
ing it out, but it seemed to me it may have initiated at Sandia and 
it has some relationship to the Kansas City plant; but certainly it 
is contemplated for Los Alamos as well. 

Mr. Stupak. Right, the document I held up, the memo, was from 
Linton F. Brooks, the Administrator, and former ambassador. It’s 
the pilot of the new National Nuclear Security Administration, 
oversight model for Los Alamos. This is the document you are
speaking of? 

Mr. Friedman. I assume it is. 

Mr. Stupak. While we are here, I will wait until Ed gets back, 
but I would like to move for admission in the record. It actually 
says in December 2002 we announced a new approach to oversight 
with the National Nuclear Security Administration. So this is the 
pilot program we have been speaking about? 

Mr. Friedman. Yes, this memo is not dated and I am not sure 
when I did see it. 

Mr. Stupak. It is signed by Ambassador Brooks? 

Mr. Friedman. It does appear to be, yes. 

Mr. Stupak. Why would a Secretary not know about a memo 
dealing with Los Alamos as to a pilot of the new National Nuclear 
Security Administration oversight model for Los Alamos? 

Mr. Friedman. I certainly cannot testify on behalf of the Sec- 
retary on that. I really don’t know. 

Mr. Stupak. Should the Secretary be made aware of it? 

Mr. Friedman. The span of activities in the Department of En- 
ergy is enormous, and perhaps he was aware of it under some 
other name. I just can’t speak for him. 

Mr. Stupak. OK. I also asked the Secretary about the cell phone 
in a vault. Do you have any knowledge of that in your overview 
about this employee had a cell phone in a vault? 

Mr. Friedman. Mr. Stupak, as I recall your background, I think 
you have a law enforcement background. 

Mr. Stupak. Yes. 

Mr. Friedman. And I am ill at ease answering your question. 
There is an ongoing FBI investigation with deep involvement of the 
Justice Department and the question of the individual’s back- 
ground, and what is in her investigative file is certainly part of 
that investigation. And I would not want to say anything inadvert- 
ently in response to your question that would compromise that. I 
am familiar with at least one incident, and there was an allegation 
of a second incident. 

Mr. Stupak. Of a cell phone in a vault? 

Mr. Friedman. Right. 

Mr. Stupak. It is an unsecured cell phone in a secured vault? 

Mr. Friedman. Essentially that is correct. 

Mr. Stupak. OK. And is this a 

Mr. Friedman. I should say I think it is a personal cell phone. 

Mr. Stupak. Right. Personal or departmental but it was an unse- 
cured cell phone. And is this a breach or violation of security at Los 
Alamos? 

Mr. Friedman. My understanding it most certainly is or was. 

Mr. Stupak. OK. And again, if the Secretary is briefed about an 
investigation, if there are these allegations, he certainly should be 
made aware of it. You see, my problem is the last time we testified 
here in January we had the breach about the employee’s personal 
information being put out on the web inadvertently, and the Sec- 
retary didn’t seem to know about that or DOE Order 470, we don’t 
seem to know anything about that, we don’t seem to know anything 
about the cell phone. It seems like not only is there structural 
problems within Los Alamos and DOE but it seems like there is
a communication problem, too. 

Mr. Friedman. Well, I think that the people most directly re- 
sponsible for operations of the laboratory and the Federal site were 
aware of the incidents as best I could determine, and certainly we 
were aware of them. So the fact that the Secretary was not aware 
of them given the, again, the scope of his activities, I am not sure 
it is all that surprising. 

Mr. Stupak. The fact that you’re aware of it, someone in DOE 
should be made aware of it. 

Mr. Friedman. Yes, absolutely. 

Mr. Stupak. What’s the problem with this pilot program here? 
What are your concerns specifically? Does it lead to less Federal 
oversight and more self-assessment by the contractor? 

Mr. Friedman. I am not the best person to testify on the program
itself, but the essence of it is as you characterized it, reliance
on self-assessment with a third-party review of the assessments, 
similar to commercial standards. I mean, that’s basically what 
we’re talking about. 

We have for many years been concerned, we have expressed this 
in a number of forums, about the effectiveness of the Department’s 
administration of its contracts. And it is our view that sort of stepping
back, while it may be satisfying for the contractors because it
means less reports, less intrusive reviews, less evaluations, is not 
the approach that we should take. 

Mr. Stupak. It is not the aggressive approach that you’ve been 
suggesting? 

Mr. Friedman. No, it is not. 

Mr. Stupak. OK. The 550 security police officers went on strike 
at Pantex. I think Mr. Burgess mentioned it on the first span on 
his opening there, and there is a force of about 211 to replace them. 
Given your reduction in force size, and I understand some people 
have to work up to 84-hour workweeks, can you give an opinion 
whether the Nation’s most valuable nuclear assets are being pro- 
tected at a level that is sufficient to meet Department require- 
ments? 

Mr. Friedman. I don’t know how many people and I accept your 
numbers, Mr. Chairman, and I don’t quarrel with them. We issued 
a report I think last year at the Oak Ridge complex in which we 
were concerned about the amount of overtime, that it was excessive 
and it would lead to a degradation of the ability of the guard force. 
And I take it that the guards that have been sent to Pantex have
been sent from other locations throughout the Department complex.
So certainly to the extent that we have been concerned historically
about overtime and the impact of the overtime on the ability
of the guards to do their job, there is that concern.

Mr. Stupak. Well, besides the drawing of personnel from other 
areas of the other sites to beef up Pantex while we have this security
police that went on strike there, what would be the longer-term
consequences to the Pantex site operations if this dispute goes
on for a protracted period of time? I guess my concern is Pantex, 
where we assemble everything and disassemble, seems like it is 
one of the more sensitive sites. So if this goes on for a protracted 
period of time, that is going to lessen our security I would think
overall. 

Mr. Friedman. Let me divert for just 1 second. I should tell you 
that in the interest of full disclosure that there are five or six 
points that have been expressed to us by the guards themselves 
and other individuals, and we are pursuing those aggressively. 
Now, we have an open inspections on those fundamental issues. 
And they do deal with core safety and security. I am not in the po- 
sition to evaluate what the short-term, mid-term, or long-term im- 
pact of a strike would be. I think it is pretty clear that this is one 
of the most sensitive sites that the U.S. Government has in the 
continental United States, and it is a situation which needs to be 
resolved as soon as possible or there will be potential consequences. 

Mr. Stupak. Thank you. Mr. Anastasio, I was a little concerned 
when the Secretary testified, and I think you were in the room 
then, about the memo here to do the implementation of your cyber 
security I believe it was, that the booklet was given to your organi- 
zation right around March 8, you have 90 days to comment on it, 
you send it back to the Department, and then he said it would be 
years to implement it. Why would it take years to implement the 
policy? 

You get 90 days, why would it take years to implement it. 

Mr. Anastasio. Well, it is a complicated set of requirements that 
takes 

Mr. Stupak. It is complicated to digest and 90 days to 

Mr. Anastasio. Excuse me? I am sorry, I didn’t hear it. 

Mr. Stupak. You have 90 days to digest it. 

Mr. Anastasio. Ninety days to comment and then we will have 
to put in place a plan that will do the implementation over a spe- 
cific period of time; and then of course, we will have lots of over- 
sight and the effectiveness of carrying out that plan, both to put 
it in place and to make sure that we have an effective plan in place 
as we do that. 

Mr. Stupak. I mentioned and the Secretary objected to this, your 
new organization managing Los Alamos, is made up of UC people. 
What percentage? I said 60, he said it was not 60. What is it, do 
you know? 

Mr. Anastasio. The management is an equal partnership of the 
two major partners of the UC and the Bechtel National. 

Mr. Stupak. So if it is equal, is it 50 percent then? 

Mr. Anastasio. Yes, so as an example, the executive committee 
of the board has six members, three from the university and three 
from the industrial partners, so in that sense it is 

Mr. Stupak. OK. What about the board makeup then? 

Mr. Anastasio. There is the executive committee as I said and 
then there are an additional five members from outside any of the 
partner companies. Overall 11, but let us say the business deci- 
sions of the LLC are made by the Executive Committee. That is 
three and three. 

Mr. Stupak. OK. And that is 50 percent then basically? 

Mr. Anastasio. Yes, sir. 

Mr. Stupak. OK. I guess my time has expired. Mr. Walden for 
questions? 

Mr. Walden. Thank you, Mr. Chairman. I appreciate that. Director
Anastasio, in your testimony you pointed to progress at the site
by stating, and I quote, “we have destroyed 500 boxes of classified 
documents we inherited at Los Alamos.” Sounds like a lot of docu- 
ments. However, I am told when the committee staff asked about 
how many classified documents there are at Los Alamos, to try and 
put this in perspective, the lab’s response was there is no require- 
ment to maintain strict accountability of each classified document. 
We cannot tell you how many classified documents we have which 
leaves some of us wondering, do you know how many classified doc- 
uments you have and there is no system in place to monitor those? 

Mr. Anastasio. There is a set of specific kinds of classified docu- 
ments that we are required to keep in an accountability system 
where we have a strict numbering system on every individual docu- 
ment, and we track those. But the general large collection of docu- 
ments that we have, there is not a requirement to keep it in strict 
accountability system. 

We do protect those documents in a very rigorous way. 

Mr. Walden. I understand the need to do that. I guess I am just 
trying to put your comment in perspective because I don’t know 
how big the boxes are. 

Mr. Anastasio. Oh, I am sorry. So we have probably I would es- 
timate, I don’t have an exact count, but I would estimate that we 
have several million classified documents. 

Mr. Walden. And so I guess the question is I have heard esti- 
mates of up to 30 million classified documents? 

Mr. Anastasio. That sounds high to me, but again, I don’t have 
an exact number. 

Mr. Walden. When you say you have destroyed 500 boxes of 
classified documents, is that 1,000 documents or is that 10,000 doc- 
uments? 

Mr. Anastasio. There are, kind of 

Mr. Walden. Just sort of file folder box documents? 

Mr. Anastasio. Yes, file folder boxes, yes, sir. 

Mr. Walden. So it wouldn’t be that many then? 

Mr. Anastasio. Not in relation to the total number. All I 
was 

Mr. Walden. That is what I am trying to do is get it in perspec- 
tive. 

Mr. Walden. Yes, sir. 

Mr. Anastasio. All I was trying to express is that we are actively 
in just the last 11 weeks of working down the large volume of both
documents, parts, removable media, vault-type rooms and so forth. 
We have a concerted effort we have moved out on, and there is 
really concrete progress that we have made just the last 11 weeks. 

Mr. Walden. And I appreciate that. I think that is a good thing. 
How many boxes would normally be destroyed in a given year? I 
assume this is like my business where you are always shredding 
things from the prior year, and you are kind of keeping the shelv- 
ing available as you move forward another year. 

Mr. Anastasio. Unfortunately, my impression at Los Alamos is 
they have not destroyed many things very often. 

Mr. Walden. Classified as pack rats then? 

Mr. Anastasio. So they keep labeling things and store them and
to keep good records. Now we have good computer systems that we 
can scan and upload documents into a computer system that we 
can actually use the information more effectively that way because 
you can search it just like you would information on the Internet 
but in a classified network, in a classified computer, protected. 
Then that obviates the need for the document and we can start get- 
ting rid of documents. So there is a very active program and a very 
active desire on our employees, in fact, to move that way because 
it is easier to manage. 

Mr. Walden. Sure. We obviously, and I have, made reference to 
the J.B. Weld project of security enhancement at the labs, and I 
have had our prop here to point out a simple solution. I suppose 
the more simple solution would have been to order computers that 
don’t have USB ports to begin with, rather than glue these shut. 

As you replace computers, which I assume the lab is doing, are 
they ordering computers with USB ports in them or are they order- 
ing them without USB ports in them? 

Mr. Anastasio. Most computers have a USB port as an example 
to plug the keyboard in. That is through USB port, and of course, 
you need a keyboard on the computer. In some cases some com- 
puter you actually want to get information off the computers and 
you need a mechanism to do that. But what we have done is we 
have put controls in place that, for instance, even if you have a 
keyboard with a USB port plugged in, you can put software in 
place as an example that makes sure that that port only recognizes 
the keyboard. 

Mr. Walden. Right. 

Mr. Anastasio. If you try to put a fun drive or the equivalent 
into it, the computer doesn’t recognize what it is, it is incapable of 
reading that. When we move to this super vault-type rooms that 
I alluded to in my testimony, what we are looking at right now as 
part of this prototype is to have what I like to call an idiot savant 
computer, a computer that is very, very capable at displaying data 
but is very stupid at doing anything else. And so it doesn’t have 
the operating system capability to recognize ports to do anything. 
So there is a keyboard, there is a mouse, and it can display 3-D
very rapidly, high-resolution data, but it can’t process the data.
That is done on the server that is locked up in this vault, protected 
by people who are security professionals with a different approach 
to security when done in the past. 

So that is the direction we are trying to move to really move 
away from being even concerned about whether you have a port or 
not, you are just going to disable it so that it can’t function at all. 

Mr. Walden. And clearly it is not really our job to micromanage 
the security of your labs, but it is our job to make sure somebody 
is doing that. And so I know we have all gotten to know each other 
all too well in the last few months and years. We couldn’t spend 
this time on every agency, but I can’t think of one that is more im- 
portant to American security in many respects than the one that 
you are in charge of. And so I just still struggle at how these opportunities
to lose data occur as we saw I think it was last fall with
the woman who took the data home and was working out of her 
home and then got caught. And I guess I just still struggle, wondering
how is it so hard to fix? I mean, you were at Lawrence
Livermore before, right? 

Mr. Anastasio. That is correct. 

Mr. Walden. And you didn’t see these kinds of breaches of secu- 
rity at Lawrence Livermore, did we? Did you? 

Mr. Anastasio. Not of this nature, no. 

Mr. Walden. So what is different here? I mean, you have been 
there a while now. What is going on? I mean, you got good people,
I’m sure, at both labs, top-notch brains, scientists, but the security
function just seems to be a problem. 

Mr. Anastasio. Well, I think there is a variety of issues. I think 
having the right leadership team and the people who are focused 
on this, to bring a system-level approach to it, to have consistency 
and simplicity so the employees can understand, actually making 
systems so that employees can succeed, people are human. They 
are fallible. People make mistakes. So we need to put in place a 
system so that if there is a mistake that we contain any potential 
impact of the mistake. This is standard but kind of safety ap- 
proached in human performance from the nuclear power industry, 
as an example. These are systems that so if you start to drift off, 
there is something to remind you, hey, you are starting to make 
a mistake, you need to stop. And that happens before there is any 
significant consequence. 

So these are the kinds of systems we are trying to put in place 
to really make sure the employees can be a success, they are very 
committed to our national security, they are very conscious and 
conscientious about security in this sense. And so my job is to 
make sure that I give them all the tools they can have to be a suc- 
cess and at the same time hold them accountable for my expecta- 
tions of them. And if they really intentionally violate the rules, 
then there are severe consequences for that. 

Do you find many who intentionally violate the rules? 

Mr. Anastasio. No, sir. Since June if I remember correctly, I 
think we terminated one employee for violating security rules. That 
is my memory, on the order of one or two. 

So it does happen. We will take the action to terminate someone, 
but it is not very frequent at all. 

Mr. Walden. Mr. Friedman, are you comfortable with what I am 
hearing here today from your independent perspective that things 
are going to turn around soon? 

Mr. Friedman. Mr. Walden, I guess that is the question that I 
hope I wasn’t asked. 

Mr. Walden. Now I am doing my job. 

Mr. Friedman. Einstein, I think, said that insanity is doing the 
same thing over and over and expecting a different result. 

Mr. Walden. Expect a different result. 

Mr. Friedman. As I testified in January, I am really hopeful that 
the new management team at Los Alamos and the Department’s 
aggressiveness will result in a meaningful change in the way they 
view security and safety and the other operational issues that have 
been a problem there for so many years. Can I give you a level of 
guarantee? No. I hope it is the case, and it would serve everyone 
if that is the case. 

Mr. Walden. So we need to plan on another hearing in a couple
of months at which time you should be able to give us that certainty,
correct?

Mr. Friedman. Only if you serve lunch for the next hearing. 

Mr. Walden. Yes, well, hopefully it won’t be a barbecue. With 
that, I yield back my time, Mr. Chairman. 

Mr. Stupak. I thank the gentleman from Oregon. The gentleman 
from Washington, Mr. Inslee for questions? 

Mr. Inslee. Thank you. Mr. Friedman, I have missed some of 
this but I wanted to ask you, what could you tell us specifically 
needs to be done that is not currently being done at the lab so that 
you can control classified and unclassified, sensitive information? 

Mr. Friedman. Well, I think as the Secretary testified this morn- 
ing that many of the corrective actions are a work in progress, and 
that has been historically one of the problems it seems to me that 
we get off to a good start, we have good ideas, we try to implement 
good fixes, but they lose steam, the momentum is lost. So one of 
the important things that has to be done is that all of the good 
things that have been proposed, discussed here today, and have 
been reduced to writing in various forms are, in fact, implemented 
and they flow down to the entire organization. Again, one of the 
historic problems we found is that the upper levels frequently got 
it but it didn’t always make it down to the 10,000 or so other peo- 
ple who work at Los Alamos. So that is one. 

Second, I think we need to ensure that we overcome the resist- 
ance to change. Change is difficult for all of us but we the question 
was posed previously about the difference between Los Alamos and 
Livermore as an example. We have found historically that there 
has been strong resistance to change at Los Alamos. As much as 
I admire the laboratory and the work that they do and the people 
that are there, there is that resistance. And that has to be over- 
come. We have to make sure that the attempt to reduce the foot- 
print that Dr. Anastasio described today, that is, reduce the num- 
ber of vaults, consolidate, actually takes place. We have been advo- 
cating that frankly for a long, long time, and our recommendations 
simply have never been accepted. So there are some common-sense 
sorts of things that I think need to be done and can be done, and 
certainly the secretary has committed to it, as has Dr. Anastasio. 
And with the right set of oversight principles, I think we can hope- 
fully make progress. 

Mr. Inslee. I want to ask Dr. Anastasio, I have been told that 
the DOE failed to incorporate the current safeguards and security 
requirements contained in Order 470 in its contract with LANS 
when the contract was signed in December 2005. Is that accurate? 

Mr. Anastasio. My understanding is that the orders that were 
included did not include the appropriate language that civil pen- 
alties could result per the new 10 C.F.R. 824 order. So I believe, 
and I am not the expert on this, but I believe they were in the con- 
tract but it wasn’t done in the right way to make them subject to 
this new order. But my understanding is that has now been fixed.

Mr. Inslee. Well, has that been fixed? Are those new orders con- 
tractually binding on the contractor now? 

Mr. Anastasio. My understanding is that is the case right now, 
yes, sir. 

Mr. Inslee. OK. Thank you.

Mr. Stupak. Mr. Whitfield for questions? 

Mr. Whitfield. Thank you. Mr. Friedman, they didn’t give you 
lunch today, is that my understanding? 

Mr. Friedman. It doesn’t show but no I didn’t. 

Mr. Whitfield. When we talk about Los Alamos, we are always 
talking about two basic issues, one, the footprint is way too big,
and then second, the culture, what I refer to as culture. And people 
keep talking about this resistance to change, and Mr. Anastasio, 
you have been at Lawrence Livermore and now you are at Los Ala- 
mos. How do you characterize this resistance to change? Is that 
something that is real or is this just something we just talk about? 

Mr. Anastasio. I think it is real. I think there is a resistance to 
change, and I think all organizations have resistance to change, all 
individuals do. The employees at Los Alamos have been through 
very tumultuous times over the last many years, and there has 
been a lot of things happened to them. I think there is a lot of anxi- 
ety in the workforce, and that is one of my goals, of course, to sta- 
bilize the morale and get us focused on the future. And part of that 
is change, and I think the laboratory has not been through as 
much change at Los Alamos as I experienced at Livermore, having 
to face during my career there. But the goal I set out with the lab- 
oratory, I said let us think about it as improvement. It is not 
change to make your life worse, let us go decide what laboratory 
we want to be that is going to achieve all these goals that are hard 
to deny, and let us go create that laboratory, the laboratory we 
want to have, the kind that will serve us in the 21st century. And 
I find that employees are responding very much to that. But we 
have to take them through change. Change is a process, we all 
know, and we are in the middle of that process. We are not done 
yet. But I feel the laboratory has been very responsive. People want 
that kind of leadership, they want to move forward, they don’t like 
the fact that they get talked about in hearings like this, and they 
are very receptive to doing the things they need to do to go forward 
for the future. 

Mr. Whitfield. What are the total number of employees, includ- 
ing independent contractors? 

Mr. Anastasio. I don’t have an exact number off the top of my 
head, but around 13,000. 

Mr. Whitfield. Right. But the morale has been low just because 
of this constant barrage of bad publicity and security leaks? 

Mr. Anastasio. The constant barrage, the change of contractors, 
the change of directors. Los Alamos is used to having a director for 
10 years, 20 years at a time; and over the last 5 years, maybe we 
have had three or four different directors. I mean, there is just this 
kind of change that has gone on that they are not used to, and so 
we have to move the employees through that. 

Mr. Whitfield. Of course, you are the one responsible for doing 
this. How do you feel yourself about the progress that you’re mak- 
ing right now? 

Mr. Anastasio. I think we have made some really good progress 
as I tried to outline in my testimony, some examples of very con- 
crete things that we have accomplished. I would be anxious to be 
able to do it even faster than we are doing. That would be my
desire, so I am pushing the system. But on the other hand, it is very
important that we don’t do this the way some things have been 
done in the past as well where you do Band-Aids because I think 
Mr. Friedman’s comment, can we sustain this? If it is just one 
Band-Aid here and the next thing comes, there is another Band- 
Aid there. You are just moving from issue to issue. We need to put 
in place a system that is sustainable, that puts us not to catch up 
with the threat that we have but gets in front of it so that we can 
respond to the future threats. Cyber security is so difficult because 
computer technology advances so rapidly, and as that advances, 
that generates different kinds of threats. So we have to put into 
place a system that is really sustainable for the long term that 
puts us out in front, as well as putting in place the risk reductions 
immediately to handle the problems that we have today in trying 
to catch up to that. We are also trying to build a system that will 
serve us well into the future. 

Mr. Whitfield. Well, we wish you the very best in this, and I 
think everyone in the country is really tired of the issue and hope 
to get it resolved; and I wish you the very best and look forward 
to continue working with you. I yield back the balance of my time. 

Mr. Anastasio. Thank you, and we know that we have a special 
responsibility for the country; and we are taking that very seri- 
ously. 

Mr. Stupak. Mr. Anastasio, I have got a few questions if I may. 
Mr. Friedman, could you give him that memo that you were look- 
ing at earlier? The second paragraph of this memo from Linton 
Brooks, subject, Pilot of the New National Nuclear Security
Administration Oversight Model at Los Alamos. The second line says, the
arrival of a new management team at Los Alamos is an oppor- 
tunity to take that action. Therefore, you are directed to move im- 
mediately into a 2-year pilot of our new oversight model once you 
have concurred in the Los Alamos National Security, LLC (LANS) 
Contractor Assurance System. Now that is your group, right? 

Mr. Anastasio. Yes, sir. 

Mr. Stupak. So this pilot would apply to your group coming in 
to Los Alamos? 

Mr. Anastasio. Yes, sir. 

Mr. Stupak. OK. So you would be familiar with this memo? 

Mr. Anastasio. I am familiar with this, and I would like to just 
clarify one thing about this pilot and I do know about it, of course, 
and we are off doing our part. This of course is a memo to the site 
manager to the Federal workforce, not to us. But one thing to be 
clear on, it was very clear to me and still is that this is something 
that does not apply to security, it is something that does not apply 
to nuclear safety and biohazard facilities. This is something that 
applies 

Mr. Stupak. It deals with the overall management of this site. 

Mr. Anastasio. It deals with overall management. 

Mr. Stupak. And look what it says. 

Mr. Anastasio. The oversight model of security and of nuclear 
operations has not changed because of this pilot. This pilot is about 
other things like 

Mr. Stupak. Mismanagement of this site. It is totally related, 
whether you are dealing with classified, unclassified, employees
using drugs, not using drugs, cell phones, not using cell phones. It
is the whole thing. And it says right here, the arrival of a new 
management team. You alluded to it, Mr. Friedman alluded to it. 
You come into a new management team, you are all fired up here 
to do something but then 6 months we lose the enthusiasm, noth- 
ing filters down. So instead of having more Federal oversight we 
are having less Federal oversight with self-assessment by the new 
management team, the new management team which has financial 
incentives to do well in their assessment. It seems like the fox is 
guarding the hen house in a way. 

Mr. Anastasio. Just to clarify again, sir, that there is two issues. 
There is the management system I use inside the laboratory and 
how we manage the laboratory and what tools we use to do 
that 

Mr. Stupak. Right, and we are trying to get at how are you going 
to be different from the other teams. 

Mr. Anastasio. That is our Contractor Assurance System that is 
outlined here. This is the management tool I use for all activities. 

Mr. Stupak. OK. 

Mr. Anastasio. That management system is transparent to the 
Federal Government so that they can see my dashboard, how I am 
doing against metrics. There is a second issue which is how does 
the Government provide oversight. In this pilot, the Government 
will maintain the same level of oversight, if not enhance it as what 
is going on now in things like security and like nuclear safety. The 
pilot is to try to change the oversight model for things that aren’t 
that. So there is a management system which is our Contractor As- 
surance System which is my system 

Mr. Stupak. And the pilot provides less oversight from a Federal 
point of view, from a DOE point of view? 

Mr. Anastasio. But not for security. 

Mr. Stupak. OK. Then let us look at our dashboard, the figure 
we have looked at today, these charts we have had up once or twice 
from opening that. 

Mr. Anastasio. Yes, sir. 

Mr. Stupak. In 2006, DOE’s Office of Health, Safety, and Secu- 
rity found failing or substandard security performance in 14 of the 
17 key areas — that is the chart over there — including classified ma- 
terial protection and control, cyber security, and emergency man- 
agement. The trend was negative compared to 2002. Mr. Podonsky, 
the head of that office, testified on January 30, our last hearing, 
that “Los Alamos received the lowest set of performance ratings for 
security and emergency management since 1999.” As you are look- 
ing at your dashboard, what explains it? Why are we going down- 
ward in our performance, security, cyber security? 

Mr. Anastasio. Just to recall that audit was done last fall, be- 
tween October and December of last year. Of course, I am very 
aware of it and was very concerned by it. We have taken a number 
of specific actions to address those issues. I have outlined a few of 
the concrete results of that. The other thing I would say is that 
many audits and reviews have been done since Mr. Podonsky’s re- 
view that you are referring to, and just over the last few weeks, 
Mr. Pike, the DOE CIO, was here 

Mr. Stupak. Right.

Mr. Anastasio. Not here, was at the laboratory as well as the
NNSA CIO; and in talking to those folks after the review, they be- 
lieve that in fact we have made very significant progress, that we 
have improved relative to 

Mr. Stupak. So what changed the colors on that chart? What 
changed the red to something other than red, the yellow to at least 
green, and maybe we can get a blue one on there some day. How 
do we do it? 

Mr. Anastasio. Well, I think those are the steps that we have 
been taking that I have outlined for you today and that I believe 
that I have tried to demonstrate that we are very serious about 
this, that we are taking very specific actions, that they are very 
concrete. Some have resulted in very demonstrable improvement, 
that we are continuing to focus on making those improvements, 
and at that same time getting it in a way that is sustainable, that 
we don’t have to be back here 

Mr. Stupak. Look at your dashboard, look at your speedometer. 
You got another one of these reviews coming up I believe this fall. 

Mr. Anastasio. Yes, sir. 

Mr. Stupak. How fast are we going to be going? What colors are 
we going to see on there? 

Mr. Anastasio. Well, I want as many greens up there as I can 
get. That is my goal. 

Mr. Stupak. OK. On March 28 an employee discovered that 550 
employee names and Social Security numbers were posted on the 
Web site of a former subcontractor and worked for the former com- 
pany, Lujan Software Service, to remove this information. Do you 
have any idea how long that information about these employees 
were on the Web site? 

Mr. Anastasio. We are still investigating that issue right now, 
Mr. Chairman, so I don’t know for sure how long it has been there. 
We believe the data is from the 1998 period is how long it has actu- 
ally been up on the Web site, we have been working with Mr. 
Lujan and his company to try to do some forensics on the Web site 
to see if we can understand 

Mr. Stupak. Right. It didn’t have a counter, so we don’t know
how many hits it has had. 

Mr. Anastasio. We are working that. We don’t have an answer 
to that. 

Mr. Stupak. It is from 1998 personnel records and was just dis- 
covered in 2007, so it has been there maybe 9 years? 

Mr. Anastasio. It is potentially that. On the other hand, the in- 
formation was a name and a Social Security number. 

Mr. Stupak. Right. 

Mr. Anastasio. That information was buried in several layers 
down inside that Web site of a relatively small company. So we are 
hopeful that there has been little opportunity to compromise it. The 
second thing that we have done, of course, my first concern in this 
whole incident was for the employees themselves and we have 
taken a number of actions to support the employees. And I could 
go through those, but my point was going to be that in fact we have 
informed all the employees who were affected. We have heard back 
from none of them that say that they had a concern that they think 
that their information might have been compromised.

Mr. Stupak. From this side I tell you, it would be a violation of
the contract or subcontract to have this information out there. 

Mr. Anastasio. Certainly part of his subcontract was to protect 
the personal information. 

Mr. Stupak. Then what action or accountability has been taken 
for Lujan Software Services? 

Mr. Anastasio. Well, certainly we have made sure that we took 
down that information off that Web site. The lawyers and working 
with the IG, we are doing the investigation to understand what 
the 

Mr. Stupak. So no enforcement action then? 

Mr. Anastasio. Have yet but we are still in the middle of the in- 
vestigation. 

Mr. Stupak. OK. The Inspector General testimony calls for a 
risk-based evaluation of cyber security funding at Los Alamos to 
make sure that the resources are available for revised cyber secu- 
rity policies. Has your organization undertaken this evaluation? 
When will it be complete? And do you have an estimate of that po- 
tential cost? 

Mr. Anastasio. Yes, every year of course we give input to the
Department on our funding requirements to meet the goals that 
they set out for us. So we do that every year. In addition, we have 
been in discussion with the Department about extending this idea 
of super vault-type rooms and made some estimates of what that 
might cost to — if this works like we hope, which we will learn as 
we run this pilot. We have been discussing with them as well what 
it would take to propagate that through the site in the way we 
would like over several years. 

Mr. Stupak. Do you have any numbers or anything for us? 

Mr. Anastasio. I think it is premature to tell you what the num- 
ber is. I think we have made some very simple estimate. Let me 
just say many tens of millions of dollars. 

Mr. Stupak. OK. 

Mr. Anastasio. I hope that is useful. 

Mr. Stupak. Well, I said earlier, it is not get out of jail free, it 
is not Monopoly, it is not paper money, it is taxpayers’ money and 
the monopoly — let me ask you a little bit about that. You are at 
Sandia. Did you have the contract at Sandia, too? Did you manage 
that lab? 

Mr. Anastasio. No, it does not. 

Mr. Stupak. Is this the only lab where for 63 years, basically the 
life of this lab, one entity has had responsibility there? 

Mr. Anastasio. It is certainly the only one in 63 years because 
Los Alamos was the first lab, of course, of that nature. The
Lawrence Berkeley Lab also has been under the UC contract. It is not
a national security site but it is a DOE laboratory. But then the 
PNL Lab up in Washington has been under the same contractor, 
and I think that is coming up for competition and I don’t remember 
exactly when but in the near term. So there are other sites that 
have had one contractor for many decades but 

Mr. Stupak. Well, if you have open contractor, we have Secretar- 
ies come and go and members come and go and there is really no 
incentive to make that change, to bring forth any kind of change 
it seems like if you are always getting the same contract and no
matter how many hearings we have and things like this. And your
board is still 50 percent UC.

Mr. Anastasio. But as you said to me or the committee or sub- 
committee said to me earlier in a question, why didn’t we see these 
problems at Livermore, and I spent most of my career at Livermore 
which was under UC contract, too. So I don’t think these problems 
are fundamentally an issue of the contractor per se, I think it is 
about the local situation more than it is the fundamental issue of 
the contractor. That is my personal view. But I would also say that 
I am very personally motivated to make Los Alamos a success. This 
is certainly something that I believe is very important for the coun- 
try, and I can certainly speak for all the employees there, that they 
are very concerned about their role in these turbulent times the 
country faces to fulfill their role, to help the country’s security. 

Mr. Stupak. No one questions your commitment to the process, 
but as we have heard over and over again from many, many people 
sitting in those chairs, they are all enthused, they are all excited, 
it goes for a while, it fizzes out, and it never seems to get down 
to the other 13,000 employees. We have the guards striking at 
places, performance reviews seem to go from bad to worse, and be- 
lieve me, we don’t like being here anymore than you do and having 
to go through these hearings.

Any further questions for anyone? I ask that the memo be made 
a part of the record, that our discovery book that we all agreed 
upon earlier be made part of the record except for the Official Use 
ones we will not make a part of the official record. We won’t put 
the OU documents in. 

With that we will keep the record open for 30 days and for fol- 
low-up questions for Secretary Bodman. I am sorry he had to leave. 
I am sure we will catch him back at another time, hopefully not 
in the real near future. And with that, we will let you go, Mr. 
Friedman. Get lunch and thank you for your time and effort. The 
hearing is adjourned. 

[Whereupon, at 1:10 p.m., the subcommittee was adjourned.] 

[Material submitted for inclusion in the record follows:] 

Testimony of Hon. Samuel Bodman 

Chairman Stupak, Congressman Whitfield, and Members of the Subcommittee, 
I’m pleased to appear before you to discuss what I consider to be one of the most 
pressing management issues confronting the Department of Energy (DOE). Since 
coming to the Department, one of my top goals has been to institute a safer, more 
secure work environment across the DOE complex. And I have meant this to include 
physical safety and security as well as cyber security. I want to be absolutely clear 
here: the protection of sensitive information is essential to our ability to meet our 
mission as a Department. 

This testimony is intended to describe the steps that we have taken to improve 
security within the Department of Energy following last year’s incident at Los Ala- 
mos National Laboratory (LANL). In particular, I will discuss improvements that 
have occurred since Deputy Secretary Sell last testified before you in January of 
this year. I would preface this discussion with two over-arching points: first, we 
have made significant progress over the past few months, and I am confident that 
we are on the right track. But, we are not satisfied. We are staying on top of this 
issue, and we continue to look for ways to identify and correct any potential weak- 
nesses. 

And I hasten to add that the entire senior leadership team at DOE — including 
myself, Deputy Secretary Sell, and National Nuclear Security Administration
(NNSA) Acting Administrator Tom D’Agostino — remain strongly committed to
improving security at the entire DOE complex and to keeping this Committee closely
informed of our progress. 

Senior Management Changes and DOE Oversight Actions 

First, let me describe the senior management and oversight changes that we have 
made at the Department level. In January, I made the difficult decision to replace 
the Under Secretary for Nuclear Security, and Thomas D’Agostino was named as 
the Acting Under Secretary and NNSA Administrator. In addition, NNSA has reas- 
signed the Los Alamos Site Office (LASO) Manager and has put one of its strongest 
managers, Daniel Glenn — formerly of the Pantex Site Office, in place as Acting 
Manager. We are making changes to the Los Alamos National Security, LLC 
(LANS) contract to mandate further improvements, and we have increased the 
planned fiscal year 2008 investment in cyber security significantly. 

In addition, following the event at LANL this past October, I formed two teams 
consisting of the Department’s three Under Secretaries, the Chief of Health, Safety, 
and Security, and the Chief Information Officer: a Personnel Security Task Force 
and a Cyber Security Review Team. I asked them to make specific recommendations 
based on the Department’s Inspector General report on the LANL incident. 

The Personnel Security Task Force submitted its report on February 28, 2007. It 
recommended improvement in several areas. I have accepted their recommendations 
and have directed implementation to begin immediately of the following: 

• Enhanced mandatory training for those involved in the granting of security 
clearances, 

• Strengthened Departmental policy on drug testing for those that hold security 
clearances, 

• Enhanced quality assurance oversight to increase confidence in the suitability 
of those granted a security clearance; and 

• Revised the personnel security organizational structure to increase the authority 
and ensure greater accountability for the Personnel Security Program. 

I have also directed that all of the recommendations made by the Cyber Security 
Review Team that have not already been implemented, be implemented
immediately. To that end, issuance of a revised cyber security policy [DOE Order 205.1A]
was completed on December 4, 2006. And, the new National Security Manual was 
issued on March 8, 2007. The Cyber Security Task Force also recommended the fol- 
lowing, which we are in the process of implementing: 

• Mandatory separation of duties for key positions, such as Information System 
Security Officers and System Administrators, 

• Improved training for all individuals with cyber security responsibilities; and 

• Improved line management oversight of cyber security. 

We are also taking steps to further strengthen the oversight by NNSA of LASO.
The NNSA Acting Administrator has directed the NNSA Chief Information Officer 
to work very closely with Site Office management to ensure cyber security require- 
ments are implemented by LANL. To ensure that these requirements are fully im- 
plemented, the Designated Approval Authority position for cyber security has been 
strengthened within the LASO management structure. This position will report di- 
rectly to the Site Office Manager and is in the process of being filled. Working in 
concert with the Site Office and NNSA management additional cyber security per- 
sonnel will be hired to bolster the cyber security staff and program within the Site 
Office. 

Further, Acting Administrator D’Agostino has requested that DOE’s Office of 
Health, Safety and Security conduct annual inspections at Los Alamos for the next 
three years. This month, both NNSA’s Office of Defense Nuclear Security and CIO 
will inspect LANL for the cyber and physical security programs. The Site Office will 
conduct annual surveys — and regular observations — of the Lab’s security programs. 

We are also exercising the Department’s new authorities under 10 CFR 824, Pro- 
cedural Rules for the Assessment of Civil Penalties for Classified Information Secu- 
rity Violations. The DOE Office of Enforcement has completed its review of the 
LANL incident and last week the Department held an enforcement conference with 
the Lab’s current management and operating contractor, LANS, and with the 
former contractor, the University of California. Similar to the process we use for 
Price-Anderson enforcement, both contractors now have the opportunity to respond 
before we make a decision regarding a Preliminary Notice of Violation. 

Finally, I would just add that I continue to be in close contact with the senior 
leadership of the Laboratory and the LANS Board.

Corrective Actions by LANL Management & Operating Contractor LANS, LLC

Even while these Departmental reviews and changes have been underway, LANS 
has moved ahead with corrective actions. Following the incident, LANS immediately 
strengthened its escorting procedures, initiated mandatory entry and exit inspec- 
tions of vault-type room visitors, and increased the number of exit inspections at 
other security boundaries ten-fold. 

One of the issues identified as a contributing cause to this incident was the span 
of classified activities. LANS continues on schedule to move to a diskless environ- 
ment, reducing the number of pieces of classified removable electronic media 
(CREM) and the number of classified paper documents. LANL recognizes their vol- 
ume of classified holdings is unnecessarily large, conducted in too many security 
areas, involves too many people, and is spread out over too large of an area. As a 
result, LANS is aggressively reducing the number of locations where they hold and 
process classified matter. LANS will more closely scrutinize the continued need for 
existing security operations or the establishment of a new security area. This will 
enable them to better focus professional security resources to provide stronger man- 
agement and oversight of classified operations. 

To achieve this reduction, LANS has proposed, and NNSA has approved, a new 
consolidated vault-type room (VTR) concept to create classified matter storage and 
processing centers that will reduce the number of security areas and enhance the
accountability and control of classified matter. The first "Super" VTR is planned to
open on June 1, 2007. 

The Weapons Engineering Division at LANL plans to close three VTRs imme- 
diately, three more by the end of April, and another five by the end of fiscal year 
2007, a reduction of 50 percent. This division also plans to further reduce its CREM 
holdings by 90 percent, from 364 to a dozen or so pieces in the near term. Another 
division within LANL, the Weapons Physics Division, currently has six VTRs; it will 
close three by the end of fiscal year 2007. The classified materials in these VTRs 
will be archived, destroyed, or re-located as appropriate. These reductions are just 
examples of progress that will reduce security risk without reducing the productivity 
of our scientists and engineers. 

While this incident occurred during the early stage of LANS’ contract, I hold it 
accountable for the incident, and for rectifying the situation, just as I would at any 
DOE site managed by any contractor. 

The LANS Board of Governors has also taken an active role in reviewing and vali- 
dating the adequacy of LANL’s corrective actions. The Board is closely monitoring 
the Laboratory’s integrated corrective action plan which was developed to address 
the root causes of the incident identified during the incident inquiry. LANS has re- 
assigned cyber security responsibilities to the Chief Security Officer who reports di- 
rectly to the Laboratory Director. The Board has also made a significant effort to 
employ the collective power of the LANS member companies through the use of As- 
sess, Improve, and Modernize, or AIM Teams from the member companies to con- 
duct oversight assessments and make recommendations for improvement. The 
Board has taken a leadership role in numerous other ways as well, but most
importantly, it has opened a clear line of communication with me and the Acting NNSA
Administrator. I talk to the Chairman of the LANS Board of Governors, Gerald 
Parsky on a regular basis. In fact, we met with the Chairman and Vice Chairman 
of the Board of Governors in person two weeks ago. 

Concluding Observations 

While we have made significant improvements and changes in personnel and 
cyber security programs, I believe that in order to guard against future incidents, 
we must continually improve the security culture across the DOE complex. And we 
will. 

In closing, let me just say this: the men and women who work at LANL and all 
our National Laboratories are among the world’s most talented scientists and engi- 
neers. Since their founding, these Laboratories have demonstrated again and again 
the tremendous power — and promise — of science to help our nation solve its greatest 
challenges. But such a system cannot tolerate any lapses in security — be they in the 
physical or cyber realm. Protecting critical information and maintaining a vibrant, 
collaborative scientific culture are not mutually exclusive goals. Quite the opposite 
is true. In this case, you absolutely cannot achieve one without the other. And, you 
continue to have my word that I will do everything in my power to support both 
objectives. The American people deserve no less.

This concludes my statement. I will be pleased to respond to your questions.
Thank you. 


Testimony of Michael R. Anastasio 

Good morning Chairman Stupak, Ranking Member Whitfield, and Members of the 
Subcommittee. Thank you for the opportunity to update you on our progress. 

I am Michael Anastasio, director of Los Alamos National Laboratory since June 
2006, and president of Los Alamos National Security, LLC. 

I am pleased to report that we have continued to make significant progress on 
many fronts since I last addressed this Subcommittee 11 weeks ago. Today, in keep- 
ing with the subject of this hearing, I will focus on security. As I expressed at the 
last hearing, I personally take the issue of security at Los Alamos very seriously. 
We are entrusted with some of the Nation’s most important secrets and I view their 
safeguarding as one of my most significant responsibilities. 

First, we have significantly cut our risks in both cyber and physical security. This 
includes reducing and consolidating our classified holdings, per the subcommittee’s 
stated concern. Second, we are taking additional actions to make policy clear and 
consistent — and to change employee behavior. Third, we are putting in place com- 
prehensive corrective actions with a major focus on long-term sustainability. 

My management team, my Board of Governors, and I are taking a number of spe- 
cific actions to reduce risk. 

Cyber security. We now have positive control over both our classified computer 
ports, using a combination of software, physical locks, and tamper-indicating de- 
vices. All of our classified systems have been inspected and found to be compliant. 
We have reduced the number of stand-alone classified systems by 28 percent. 

Physical security. We have made our vault escort requirements clearer and 
much tougher, requiring the search of all belongings carried by those escorted in 
and out of vaults. By December, we will have reduced our accountable classified re- 
movable electronic media (known as ACREM) by 50 percent. We have destroyed al- 
most 1,500 classified parts and 500 boxes of classified documents that we inherited. 
We have eliminated 14 vault-type rooms, a reduction of 10 percent — with more to 
come. 

Policy and behaviors. In the area of policy and behaviors, we have uniformly 
trained our Information Systems Security Officers (ISSOs) and are hiring senior 
ISSOs in all key organizations to provide consistency throughout the Laboratory. 

We are making our cyber security policy clearer and simpler. In addition to man- 
datory training, we will promote the right behavior through active employee partici- 
pation. For example, we will directly involve employees through worker-led security 
teams at multiple levels. 

On March 5, we launched an enhanced substance abuse program. Every newly 
hired employee is tested for illegal drugs, and every badgeholder is now subject to 
random testing, regardless of his or her clearance level. 

New type of vault-type room. For long-term effectiveness and sustainability, 
we have begun constructing a super vault-type room, the first of its kind. This will 
allow us to consolidate and control classified information uniformly. At the same 
time, it will give authorized users efficient access. 

I expect to complete construction of the first functional prototype by June. This 
project will initially allow us to close at least six more vault-type rooms and reduce 
our ACREM libraries by nearly one-third. 

By constructing additional super vault-type rooms, we will reduce the number of 
classified vaults to an absolute minimum, consistent with our operational require- 
ments. 

Validation, verification & oversight. We have been careful to embed valida- 
tion and verification into our corrective action plans to sustain all these efforts and 
to prevent backsliding. Moreover, everything we’re doing is being closely scrutinized 
not only by Congress but by my own Board of Governors and by DOE, NNSA, and other
oversight bodies. I welcome that continuing scrutiny. It validates that we’re heading 
in the right direction — and keeps our eye on the ball. 

As I testified previously on this issue, there are no “silver bullets” where security 
is concerned. But, with these security enhancements, and Board of Governors sup- 
port and oversight, we are aggressively moving Los Alamos in the right direction, 
as we are on many other fronts vital to the Lab’s mission. 

Thank you again for the opportunity to testify. I would be pleased to answer any 
questions you may have. 
Statement of Gregory H. Friedman

Mr. Chairman and members of the Subcommittee, I am pleased to be here at your 
request to testify on the concerns expressed in your April 5 letter regarding oper- 
ations at the Los Alamos National Laboratory. 

Background 

In January of this year, I testified before this subcommittee on the special inquiry 
conducted by my office regarding the diversion of classified data from the Los Ala- 
mos National Laboratory. Specifically, at the request of the Secretary of Energy, we 
examined the efforts of the Department and its contractors to protect classified in- 
formation and the steps that were taken to ensure that only authorized individuals 
had access to such information. Our report on this matter was issued on November 
27, 2006. 


Office of Inspector General Review 

The Office of Inspector General (OIG) found that the security environment at Los 
Alamos was inadequate, despite the expenditure of millions of dollars by the Na- 
tional Nuclear Security Administration to upgrade various components of the Lab- 
oratory’s security apparatus. 

In particular, related to the cyber security control structure, we found that: 

• Certain computer ports, which could have been used to inappropriately migrate 
information from classified systems to unclassified devices and computers, had not 
been disabled; 

• Classified computer racks were not locked; 

• Certain individuals were inappropriately granted access to classified computers 
and equipment to which they were not entitled; 

• Computers and peripherals that could have been used to compromise network 
security were introduced into a classified computing environment without approval; 
and, 

• Critical security functions had not been adequately separated, essentially per- 
mitting system administrators to supervise themselves and override controls. 

In many cases, Laboratory management and staff had not: developed policies necessary
to protect classified information, enforced existing safeguards, or provided
the attention or emphasis necessary to ensure protective measures were adequate. 
Some of the security policies were conflicting or applied inconsistently. We also 
found that Laboratory and Federal officials were not as aggressive as they should 
have been in conducting security reviews and physical inspections. In short, our 
findings raised serious concerns about the Laboratory’s ability to protect both classi- 
fied and sensitive information systems. 

The OIG also reviewed certain aspects of the security clearance process in place 
for Laboratory employees. We identified particular weaknesses associated with this 
program which were discussed in a closed session of this subcommittee in January 
of this year. 


Departmental Response 

After this incident was discovered, Department and Laboratory management officials
launched several efforts to identify and correct control deficiencies that contributed
to an environment in which classified information could be removed without
authorization. In particular, the Deputy Secretary directed an immediate review of 
policies and practices related to computer ports at each of the Department’s facili- 
ties. Further, the Secretary established two high-level Task Forces to address our 
findings. The reports of the Secretary’s Task Forces and a list of the proposed cor- 
rective actions were provided to my office last week. 

The report from the Department’s Committee to Review the Cyber Security-relat- 
ed Recommendations indicated concurrence with the OIG’s report and specified that 
the Department had initiated corrective actions that involved revising policy, secur- 
ing unneeded ports, limiting access and privileges, and maintaining separation of 
duties. The report also indicated that controls over security planning and accredita- 
tion and physical inspections were to be strengthened and that corrective actions 
would be tracked to resolution. 

The Personnel Security Program Review Task Force analyzed the OIG report and 
agreed that there were personnel security program weaknesses. The Task Force ad- 
dressed the security clearance issues raised in our November 2006 report. Specifi- 
cally, it identified and developed recommendations for improving Department-wide 
training, policy, quality assurance and oversight, and organizational structure.
Additional details are contained in the Task Force’s report, which has been marked by
the Department as "Official Use Only." 

Many of the corrective actions outlined by the two Task Forces are in progress. 
However, implementation and execution are key. If properly carried out, the correc- 
tive actions should improve classified operations at Los Alamos and could help pre- 
vent similar incidents at Departmental facilities around the complex. 

Issues Requiring Continuing Attention 

As I have testified on several occasions, the Department must do a better job ad- 
dressing the recurring challenges it faces. Specifically: 

1. With regard to the current matter, the Department must ensure that all ac- 
tions and recommendations outlined in the Task Force Reports are formalized into 
policy and adopted as practice throughout the Department. As part of that effort, 
these policies should be incorporated into all facility contracts. 

2. To achieve the recommended reforms, the Department must establish firm 
schedules with specific implementation timelines and performance metrics. 

3. Both Federal and contractor officials need to manage more aggressively. As 
part of that process, the Department needs to ensure that its Federal contract man- 
agement function is adequately staffed and that the skill mix is appropriate. In ad- 
dition, Department and Laboratory officials must develop a more comprehensive 
regimen of compliance testing and follow-up to ensure that security policies and pro- 
cedures are rigorously followed. 

4. Individuals and institutions, both Federal and contractor, must be held ac- 
countable for failure to follow established security measures. As it has begun to do 
in its response to the recent Los Alamos incident, the Department should emphasize 
that the failure to properly protect classified information and materials will have 
meaningful consequences. 

Finally, consistent with our November 2006 recommendation, we continue to be- 
lieve that the Department should perform a risk-based evaluation of cyber security 
funding at Los Alamos. The objective of this evaluation would be to ensure that the 
resources are available for complete implementation of the revised cyber security 
policies and procedures. 

Ongoing Inspector General Efforts 

For the past 5 years, we have identified both cyber and physical security as press- 
ing management challenges. For these reasons, and because of the recent incidents, 
the Office of Inspector General continues to be concerned about security across the 
complex. We have ongoing activities to examine information technology and systems 
security; implementation of revised security measures; disposal of sensitive prop- 
erty; and, issues related to protective force training. 

In addition to our on-going work, the full Committee, in January 2007, requested 
that the Government Accountability Office (GAO) examine the security of the De- 
partment’s unclassified and classified information networks and its cyber security 
programs. My office coordinates closely with GAO on reviews of the Department, 
and we believe that the assessment requested by the Committee will lead to a 
strengthened agency-wide security posture. My office will continue to conduct audit, 
inspection, and investigative work that will complement the review requested by the 
Committee. 

Mr. Chairman, this concludes my statement and I would be pleased to answer any 
questions you may have. 